SMTP: Postfix SMTP Server SASL AUTH Handle Reuse Memory Corruption

A memory corruption vulnerability exists in the Postfix SMTP server when the Cyrus SASL library is used with authentication mechanisms other than PLAIN, LOGIN and ANONYMOUS. The vulnerability is due to the Postfix server's reuse of a SASL server handle after an authentication failure. Exploitation could result in code execution in the context of the process, which usually runs as the user "postfix".

Extended Description

Postfix is prone to a memory-corruption vulnerability that affects the SMTP server when Cyrus SASL support is enabled. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects the following Postfix version branches:

2.5.x prior to 2.5.13

2.6.x prior to 2.6.19

2.7.x prior to 2.7.4

2.8.x prior to 2.8.3

Affected Products

Wietse_venema postfix

References

BugTraq: 47778

CVE: CVE-2011-1720

Short Name
SMTP:EXPLOIT:POSTFIX-AUTH-REUSE
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
AUTH CVE-2011-1720 Corruption Handle Memory Postfix Reuse SASL SMTP Server bid:47778
Release Date
06/16/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Red_hat

Suse

Gentoo

Avaya

Pardus

Ubuntu

Mandriva

Wietse_venema

Debian

Kolab

CVSS Score

6.8
