SuSE Update For Postfix SUSE-SA:2010:011 Network Vulnerability

Impact

remote denial of service

Solution

Please Install the Updated Packages.

Insight

The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connections you need to manually set it to 'yes' again. This update also fixes a problem where the relay database was not created and postfix refused to start.

Affected

postfix on openSUSE 11.2

References

http://www.novell.com/linux/security/advisories/2010_11_postfix.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0230

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for netatalk
SLES10: Security update for libxml2
SLES10: Security update for Java Struts
SLES10: Security update for IBM Java 5
SLES10: Security update for kdegraphics3-pdf

SuSE Update for postfix SUSE-SA:2010:011

Take action and discover your vulnerabilities