Check Point Advisories

Postfix IPv6 Relaying Security Issue (CVE-2005-0337)

Check Point Reference: CPAI-2012-1330
Date Published: 12 Feb 2013
Severity: Medium
Last Updated: Monday 15 April, 2024
Source: CVE-2005-0337
Protection Provided by:

Security Gateway
R70

  • R71
  • R75

    		•
    Who is Vulnerable? Postfix Project Postfix 2.1.3 to 2.1.4-4
    Postfix Project Postfix 2.1.3-1ubuntu17
    Vulnerability Description There is a vulnerability in the way Postfix handles the relaying of e-mail messages A successful attack allows an attacker to use the target Postfix as an open relay to MX hosts with IPv6addresses.
    Vulnerability DetailsIn certain configurations, the vulnerable Postfix becomes an open relay for mail addressed to MX host with IPv6 addresses. An attacker sends a email from untrusted host through a vulnerable Postfix server. The email destinationdomain contains a MX record which has a AAAA (IPv6) record. The email is relayed by the Postfix server, triggering the vulnerability.

    Protection Overview

    This protection will detect and block arbitrary mail ent by the attacker

    1. In the IPS tab, click Protections and find the Postfix IPv6 Relaying Security Issue protection using the Search tool and Edit the protection's settings.
    2. Install policy on all modules.

    SmartView Tracker will log the following entries:
    Attack Name: SMTP Protection Violation
    Attack Information: Postfix IPv6 Relaying Security Issue

    ×
      Feedback
    This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
    OK