New postfix packages for Red Hat
Posted on: 08/05/2003 12:43 AM

Red Hat has released new postfix packages for Red Hat Linux 7.3, 8.0, and 9

Two security issues have been found in Postfix that affect the Postfix packages in Red Hat Linux 7.3, 8.0, and 9.

Postfix versions before 1.1.12 allow an attacker to bounce-scan private networks, or use the daemon as a DDoS tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by analyzing timing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to
this issue.

Read more


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/new_postfix_packages_for_red_hat.html)