Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-642-1: Postfix vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-642-1: Postfix vulnerabilities
# 1  
Old 09-10-2008
USN-642-1: Postfix vulnerabilities
Referenced CVEs:
CVE-2008-3889


Description:
=========================================================== Ubuntu Security Notice USN-642-1 September 10, 2008 postfix vulnerabilities CVE-2008-3889 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: postfix 2.4.5-3ubuntu1.3 Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands. A local attacker could exploit this to cause Postfix to run out of descriptors, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT SUSE

ocf_heartbeat_postfix

OCF_HEARTBEAT_POSTFI(7) 					OCF resource agents					   OCF_HEARTBEAT_POSTFI(7)

NAME

       ocf_heartbeat_postfix - Manages a highly available Postfix mail server instance

SYNOPSIS

       postfix [start | stop | reload | monitor | validate-all | meta-data]

DESCRIPTION

       This script manages Postfix as an OCF resource in a high-availability setup. Tested with Postfix 2.5.5 on Debian 5.0.

SUPPORTED PARAMETERS

       binary
	   Full path to the Postfix binary. For example, "/usr/sbin/postfix". (optional, string, default /usr/sbin/postfix)

       config_dir
	   Full path to a Postfix configuration directory. For example, "/etc/postfix". (optional, string, no default)

       parameters
	   The Postfix daemon may be called with additional parameters. Specify any of them here. (optional, string, no default)

SUPPORTED ACTIONS

       This resource agent supports the following actions (operations):

       start
	   Starts the resource. Suggested minimum timeout: 20s.

       stop
	   Stops the resource. Suggested minimum timeout: 20s.

       reload
	   Suggested minimum timeout: 20s.

       monitor
	   Performs a detailed status check. Suggested minimum timeout: 20s. Suggested interval: 60s.

       validate-all
	   Performs a validation of the resource configuration. Suggested minimum timeout: 20s.

       meta-data
	   Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5s.

EXAMPLE

       The following is an example configuration for a postfix resource using the crm(8) shell:

	   primitive example_postfix ocf:heartbeat:postfix 

	     op monitor depth="0" timeout="20s" interval="60s"

SEE ALSO

       http://www.linux-ha.org/wiki/postfix_(resource_agent)

AUTHOR

       Linux-HA contributors (see the resource agent source for information about individual authors)

resource-agents 1.0.3						    07/05/2010						   OCF_HEARTBEAT_POSTFI(7)