Security 10740 Published by

Red Hat has released new postfix packages for Red Hat Linux 7.3, 8.0, and 9



Two security issues have been found in Postfix that affect the Postfix packages in Red Hat Linux 7.3, 8.0, and 9.

Postfix versions before 1.1.12 allow an attacker to bounce-scan private networks, or use the daemon as a DDoS tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by analyzing timing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to
this issue.
Read more