CVE-2003-0468
Last modified
CVE-2003-0468 is a vulnerability of currently unknown severity. Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.. EPSS estimates a 2.38% chance of exploitation in the next 30 days.
Description
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wietse Venema | Postfix | 1.0.21 |
| Wietse Venema | Postfix | 1.1.11 |
| Wietse Venema | Postfix | 1999-09-06 |
| Wietse Venema | Postfix | 1999-12-31 |
| Wietse Venema | Postfix | 2000-02-28 |
| Wietse Venema | Postfix | 2001-11-15 |
| Conectiva | Linux | 7.0 |
| Conectiva | Linux | 8.0 |
References
- http://www.debian.org/security/2003/dsa-363Patch, Vendor Advisory
- http://www.debian.org/security/2003/dsa-363Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2003-0468?
How severe is CVE-2003-0468?
How do I fix CVE-2003-0468?
Are you affected by CVE-2003-0468?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST