Pardus Linux Security Advisory - A security issue has been reported in Postfix, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
958c2becbf55d42c7936f60de3ecc7d90e1b2002e2058419d481531dd00703ed------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-40 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2008-09-06
Severity: 1
Type: Local
------------------------------------------------------------------------
Summary
=======
A security issue has been reported in Postfix, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).
Description
===========
The security issue is caused due to Postfix leaking the epoll file
descriptor when executing non-Postfix commands, which can be exploited
to cause a DoS.
The security issue only affects Postfix 2.4 or later in combination with
epoll (e.g. Linux 2.6).
Affected packages:
Pardus 2008:
postfix, all before 2.5.4-21-5
Resolution
==========
There are update(s) for postfix. You can update them via Package Manager
or with a single command from console:
pisi up postfix
References
==========
* http://bugs.pardus.org.tr/show_bug.cgi?id=8114
* http://www.postfix.org/announcements/20080902.html
* http://secunia.com/advisories/31716/
------------------------------------------------------------------------
--
Pınar Yanardağ
Pardus Security Team
http://security.pardus.org.tr
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed