Security 10740 Published by

Red Hat has released new postfix packages for Red Hat Linux 7.3, 8.0, and 9

Two security issues have been found in Postfix that affect the Postfix packages in Red Hat Linux 7.3, 8.0, and 9.

Postfix versions before 1.1.12 allow an attacker to bounce-scan private networks, or use the daemon as a DDoS tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by analyzing timing. The Common Vulnerabilities and Exposures project ( has assigned the name CAN-2003-0468 to
this issue.
Read more