From: Wietse Venema (wietseporcupine.org)
Date: Sun Feb 06 2005 - 16:55:42 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In a recent announcement on the Full-Disclosure mailing list, Martin
Pitt <martin.pittcanonical.com> wrote:

> Jean-Samuel Reynaud noticed a programming error in the IPv6 handling
> code of Postfix when /proc/net/if_inet6 is not available (which is the
> case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup"
> was enabled in the "smtpd_recipient_restrictions", Postfix turned into
> an open relay, i. e. erroneously permitted the delivery of arbitrary
> mail to any MX host which has an IPv6 address.

This is a bug in a third-party IPv6 patch that is not part of
Postfix. The bug affects Linux systems only.

Neither the official Postfix release, nor the work-in-progress
version (which has IPv6 support built-in) are affected by this.

Please do not ask me how to resolve the vulnerability. Contact info
for the third-party IPv6 patch is at http://www.ipnet6.org/postfix/ipv6.html.

Please do not ask me what Linux distributions are affected. Contact
your Linux distributor instead.

It would be nice if Linux distributors could indicate whether a
Postfix problem is part of the software base itself, or due to a
third-party add-on that they included with the base software.

        Wietse

!DSPAM:4206a12862101114638678!

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]