Mandriva Update For Postfix MDVSA-2008:190 (postfix) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability in Postfix 2.4 and later was discovered, when running on Linux kernel 2.6, where a local user could cause a denial of service due to Postfix leaking the epoll file descriptor when executing non-Postfix commands (CVE-2008-3889). The updated packages have been patched to correct this issue.

Affected

postfix on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-3889

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandriva Update for ocsinventory-agent MDVA-2010:234 (ocsinventory-agent)
Mandriva Update for gdm MDKSA-2007:169 (gdm)
Mandriva Update for samba MDVSA-2012:070 (samba)
Mandriva Update for wireshark MDVSA-2012:042 (wireshark)
Mandriva Update for krb5 MDVA-2010:177 (krb5)

Mandriva Update for postfix MDVSA-2008:190 (postfix)

Take action and discover your vulnerabilities