Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),
and TLS.
A flaw was found in the ipv6 patch used with Postfix. When the file
/proc/net/if_inet6 is not available and permit_mx_backup is enabled in
smtpd_recipient_restrictions, this flaw could allow remote attackers to
bypass e-mail restrictions and perform mail relaying by sending mail to an
IPv6 hostname. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0337 to this issue.
These updated packages also fix the following problems:
All users of postfix should upgrade to these updated packages, which
contain patches which resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | x86_64 | postfix | < 2.1.5-4.2.RHEL4 | postfix-2.1.5-4.2.RHEL4.x86_64.rpm |
RedHat | any | ppc | postfix | < 2.1.5-4.2.RHEL4 | postfix-2.1.5-4.2.RHEL4.ppc.rpm |
RedHat | any | x86_64 | postfix-pflogsumm | < 2.1.5-4.2.RHEL4 | postfix-pflogsumm-2.1.5-4.2.RHEL4.x86_64.rpm |
RedHat | any | s390x | postfix-pflogsumm | < 2.1.5-4.2.RHEL4 | postfix-pflogsumm-2.1.5-4.2.RHEL4.s390x.rpm |
RedHat | any | i386 | postfix-pflogsumm | < 2.1.5-4.2.RHEL4 | postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm |
RedHat | any | s390 | postfix-pflogsumm | < 2.1.5-4.2.RHEL4 | postfix-pflogsumm-2.1.5-4.2.RHEL4.s390.rpm |
RedHat | any | s390 | postfix | < 2.1.5-4.2.RHEL4 | postfix-2.1.5-4.2.RHEL4.s390.rpm |
RedHat | any | src | postfix | < 2.1.5-4.2.RHEL4 | postfix-2.1.5-4.2.RHEL4.src.rpm |
RedHat | any | ia64 | postfix-pflogsumm | < 2.1.5-4.2.RHEL4 | postfix-pflogsumm-2.1.5-4.2.RHEL4.ia64.rpm |
RedHat | any | ia64 | postfix | < 2.1.5-4.2.RHEL4 | postfix-2.1.5-4.2.RHEL4.ia64.rpm |