Rapid7 Vulnerability & Exploit Database

Postfix vulnerability (CVE-2003-0468)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Postfix vulnerability (CVE-2003-0468)

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

08/27/2003

Created

07/25/2018

Added

07/03/2014

Modified

02/13/2015

Description

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

Solution(s)

postfix-upgrade-latest

References

https://attackerkb.com/topics/cve-2003-0468
8333
CLA-2003:717
CVE - 2003-0468
DSA-363
MDKSA-2003:081
OVAL522
RHSA-2003:251
SuSE-SA:2003:033

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Postfix vulnerability (CVE-2003-0468)

Postfix vulnerability (CVE-2003-0468)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.