Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2003-0468
HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0468

2003-08-2704:00:00
mitre
web.nvd.nist.gov
77
postfix
remote attacks
bounce scans
ddos attacks
email security
ip address
smtp communication
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.026

Percentile

90.4%

JSON

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct “bounce scans” or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a “!” string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

Affected configurations

Nvd
Node
wietse_venemapostfixMatch1.0.21
OR
wietse_venemapostfixMatch1.1.11
OR
wietse_venemapostfixMatch1999-09-06
OR
wietse_venemapostfixMatch1999-12-31
OR
wietse_venemapostfixMatch2000-02-28
OR
wietse_venemapostfixMatch2001-11-15
OR
conectivalinuxMatch7.0
OR
conectivalinuxMatch8.0
VendorProductVersionCPE
wietse_venemapostfix1.0.21cpe:2.3:a:wietse_venema:postfix:1.0.21:*:*:*:*:*:*:*
wietse_venemapostfix1.1.11cpe:2.3:a:wietse_venema:postfix:1.1.11:*:*:*:*:*:*:*
wietse_venemapostfix1999-09-06cpe:2.3:a:wietse_venema:postfix:1999-09-06:*:*:*:*:*:*:*
wietse_venemapostfix1999-12-31cpe:2.3:a:wietse_venema:postfix:1999-12-31:*:*:*:*:*:*:*
wietse_venemapostfix2000-02-28cpe:2.3:a:wietse_venema:postfix:2000-02-28:*:*:*:*:*:*:*
wietse_venemapostfix2001-11-15cpe:2.3:a:wietse_venema:postfix:2001-11-15:*:*:*:*:*:*:*
conectivalinux7.0cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*
conectivalinux8.0cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*

Related

cvelist 1
debiancve 1
nvd 1
nessus 4
seebug 2
exploitpack 2
suse 1
osv 1
openvas 2
cert 1
exploitdb 2
securityvulns 1
debian 1
cvelist
cvelist
CVE-2003-0468
2003-08-05 04:00:00
debiancve
debiancve
CVE-2003-0468
2003-08-27 04:00:00
nvd
nvd
CVE-2003-0468
2003-08-27 04:00:00
nessus
nessus
SUSE-SA:2003:033: postfix
2004-07-25 00:00:00
Postfix < 2.0 Multiple Vulnerabilities
2003-08-15 00:00:00
Mandrake Linux Security Advisory : postfix (MDKSA-2003:081)
2004-07-31 00:00:00
seebug
seebug
Postfix 1.1.x Denial of Service Vulnerabilities (2)
2014-07-01 00:00:00
Postfix 1.1.x Denial of Service Vulnerabilities (1)
2014-07-01 00:00:00
exploitpack
exploitpack
Postfix 1.1.x - Denial of Service (2)
2003-08-04 00:00:00
Postfix 1.1.x - Denial of Service (1)
2003-08-04 00:00:00
suse
suse
remote Denial of Service (DoS) attack in postfix
2003-08-04 12:19:27
osv
osv
postfix - denial of service, bounce-scanning
2003-08-03 00:00:00
openvas
openvas
Debian Security Advisory DSA 363-1 (postfix)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-363)
2008-01-17 00:00:00
cert
cert
Postfix vulnerable to DoS by supplying a remote SMTP listener with a malformed envelope address
2003-08-11 00:00:00
exploitdb
exploitdb
Postfix 1.1.x - Denial of Service (1)
2003-08-04 00:00:00
Postfix 1.1.x - Denial of Service (2)
2003-08-04 00:00:00
securityvulns
securityvulns
[Full-Disclosure] Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
2003-08-04 00:00:00
debian
debian
[SECURITY] [DSA-363-1] New postfix packages fix remote denial of service, bounce scanning
2003-08-03 22:25:40

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.026

Percentile

90.4%

JSON
Related for CVE-2003-0468
cvelist1debiancve1nvd1nessus4seebug2exploitpack2suse1osv1openvas2cert1exploitdb2securityvulns1debian1