6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.887 High
EPSS
Percentile
98.7%
The Postfix SMTP server has a memory corruption error, when the
Cyrus SASL library is used with authentication mechanisms other
than PLAIN and LOGIN (ANONYMOUS is not affected, but should not
be used for other reasons). This memory corruption is known to
result in a program crash (SIGSEV).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | postfix | = 2.8.*,1 | UNKNOWN |
FreeBSD | any | noarch | postfix | < 2.8.3,1 | UNKNOWN |
FreeBSD | any | noarch | postfix-base | = 2.8.*,1 | UNKNOWN |
FreeBSD | any | noarch | postfix-base | < 2.8.3,1 | UNKNOWN |
FreeBSD | any | noarch | postfix-current | < 2.9.20110501,4 | UNKNOWN |
FreeBSD | any | noarch | postfix-current-base | < 2.9.20110501,4 | UNKNOWN |