CVE-2008-3889
Published Sep 12, 2008
Last updated 6 years ago
Overview
- Description
- Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Vendor comments
- Red HatNot vulnerable. This issue did not affect the versions Postfix as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "998D1069-1CF5-42C5-8668-49D72E2D2F17"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B751BA4B-B7C8-4A87-A03C-5C91678FC832"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D1E6461-2F2A-49C5-9B2B-08DE418F2F7B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]