National Cyber-Alert System

Vulnerability Summary for CVE-2008-3889

Overview

Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

Vendor Statments (disclaimer)

Official Statement from Red Hat (01/01/1900)

Not vulnerable. This issue did not affect the versions Postfix as shipped with Red Hat Enterprise Linux 3, 4, or 5.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: http://www.postfix.org/announcements/20080902.html

Type: Patch Information

Hyperlink:http://www.postfix.org/announcements/20080902.html

External Source: FEDORA

Name: FEDORA-2008-8593

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html

External Source: FEDORA

Name: FEDORA-2008-8595

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html

External Source: XF

Name: postfix-filedescriptor-dos(44865)

Hyperlink:http://xforce.iss.net/xforce/xfdb/44865

External Source: MISC

Name: http://www.wekk.net/research/CVE-2008-3889/

Hyperlink:http://www.wekk.net/research/CVE-2008-3889/

External Source: UBUNTU

Name: USN-642-1

Hyperlink:http://www.ubuntu.com/usn/usn-642-1

External Source: BID

Name: 30977

Hyperlink:http://www.securityfocus.com/bid/30977

External Source: BUGTRAQ

Name: 20081104 rPSA-2008-0311-1 postfix

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/498037/100/0/threaded

External Source: BUGTRAQ

Name: 20080916 [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/496420/100/0/threaded

External Source: BUGTRAQ

Name: 20080902 Postfix Linux-only local denial of service

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/495894/100/0/threaded

External Source: MILW0RM

Name: 6472

Hyperlink:http://www.milw0rm.com/exploits/6472

External Source: MANDRIVA

Name: MDVSA-2008:190

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2008:190

External Source: CONFIRM

Name: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311

Hyperlink:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0311

External Source: SECTRACK

Name: 1020800

Hyperlink:http://securitytracker.com/id?1020800

External Source: SREASON

Name: 4239

Hyperlink:http://securityreason.com/securityalert/4239

External Source: GENTOO

Name: GLSA-200809-09

Hyperlink:http://security.gentoo.org/glsa/glsa-200809-09.xml

External Source: SECUNIA

Name: 32231

Hyperlink:http://secunia.com/advisories/32231

External Source: SECUNIA

Name: 31986

Hyperlink:http://secunia.com/advisories/31986

External Source: SECUNIA

Name: 31982

Hyperlink:http://secunia.com/advisories/31982

External Source: SECUNIA

Name: 31800

Hyperlink:http://secunia.com/advisories/31800

External Source: SECUNIA

Name: 31716

Type: Advisory

Hyperlink:http://secunia.com/advisories/31716

External Source: SUSE

Name: SUSE-SR:2008:018

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html