CVE-2003-0468
published 2003-08-27CVE-2003-0468: Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.38%
81.8th percentile
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| debian | postfix | < postfix 1.1.12 (bookworm) | postfix 1.1.12 (bookworm) |
| postfix | postfix | >= 0 < 1.1.12 | 1.1.12 |
| postfix | postfix | >= 0 < 1.1.12 | 1.1.12 |
| postfix | postfix | >= 0 < 1.1.12 | 1.1.12 |
| postfix | postfix | >= 0 < 1.1.12 | 1.1.12 |
| wietse_venema | postfix | — | — |
| wietse_venema | postfix | — | — |
| wietse_venema | postfix | — | — |
| wietse_venema | postfix | — | — |
| wietse_venema | postfix | — | — |
| wietse_venema | postfix | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2003-08-03·CVSS 5.0
CVE-2003-0468 [MEDIUM] security flaw
security flaw
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
Debian
CVE-2003-0468: postfix - Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bo...
vendor_debian·2003·CVSS 5.0
CVE-2003-0468 [MEDIUM] CVE-2003-0468: postfix - Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bo...
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
Scope: local
bookworm: resolved (fixed in 1.1.12)
bullseye: resolved (fixed in 1.1.12)
forky: resolved (fixed in 1.1.12)
sid: resolved (fixed in 1.1.12)
trixie: resolved (fixed in 1.1.12)
GHSA
GHSA-p8pr-mx9r-9jjx: Postfix 1
ghsa_unreviewed·2022-04-29
CVE-2003-0468 [MEDIUM] GHSA-p8pr-mx9r-9jjx: Postfix 1
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
OSV
CVE-2003-0468: Postfix 1
osv·2003-08-27·CVSS 5.0
CVE-2003-0468 [MEDIUM] CVE-2003-0468: Postfix 1
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
No detection rules found.
Exploit-DB
Postfix 1.1.x - Denial of Service (1)
exploitdb·2003-08-04
CVE-2003-0540 Postfix 1.1.x - Denial of Service (1)
Postfix 1.1.x - Denial of Service (1)
---
// source: https://www.securityfocus.com/bid/8333/info
Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that this vulnerability can be exploited to use the server as a distributed denial of service tool. These attacks are reportedly possible through forcing the server to connect to an arbitrary port on an arbitrary host.
The second vulnerability, CAN-2003-0540, is another denial of service. It can be triggered by a malformed envelope address and can cause the queue manager to lock up until the message is removed manually from the queue. It is also reportedly possible to lock the SMTP listene
Exploit-DB
Postfix 1.1.x - Denial of Service (2)
exploitdb·2003-08-04
CVE-2003-0540 Postfix 1.1.x - Denial of Service (2)
Postfix 1.1.x - Denial of Service (2)
---
source: https://www.securityfocus.com/bid/8333/info
Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported that this vulnerability can be exploited to use the server as a distributed denial of service tool. These attacks are reportedly possible through forcing the server to connect to an arbitrary port on an arbitrary host.
The second vulnerability, CAN-2003-0540, is another denial of service. It can be triggered by a malformed envelope address and can cause the queue manager to lock up until the message is removed manually from the queue. It is also reportedly possible to lock the SMTP listener,
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000717http://marc.info/?l=bugtraq&m=106001525130257&w=2http://secunia.com/advisories/9433http://www.debian.org/security/2003/dsa-363http://www.mandriva.com/security/advisories?name=MDKSA-2003:081http://www.novell.com/linux/security/advisories/2003_033_postfix.htmlhttp://www.redhat.com/support/errata/RHSA-2003-251.htmlhttp://www.securityfocus.com/bid/8333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A522http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000717http://marc.info/?l=bugtraq&m=106001525130257&w=2http://secunia.com/advisories/9433http://www.debian.org/security/2003/dsa-363http://www.mandriva.com/security/advisories?name=MDKSA-2003:081http://www.novell.com/linux/security/advisories/2003_033_postfix.htmlhttp://www.redhat.com/support/errata/RHSA-2003-251.htmlhttp://www.securityfocus.com/bid/8333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A522
2003-08-27
Published