SERVER-MAIL -- Snort has detected traffic exploiting vulnerabilities in mail servers (such as Exchange, Courrier). These are different from protocol traffic, as this deals with the traffic going to the mail server itself.
SERVER-MAIL Postfix IPv6 Relaying Security Issue
This event is generated when an attempt to exploit CVE-2005-0337 is detected. Impact: Misc activity Details: There is a vulnerability in the way Postfix handles the relaying of e-mail messages. In certain configurations, the vulnerable Postfix becomes an open relay for mail addressed to MX host with IPv6 addresses. An attacker can exploit this flaw to deliver bulk arbitrary mail, using 3rd party resources, to an e-mail gateway with IPv6 addresses registered. A successful attack allows an attacker to use the target Postfix as an open relay to MX hosts with IPv6 addresses. The target will relay mail from an untrusted SMTP client. The vulnerable system may be used to send unsolicited e-mail such as spam. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2005-0337 |
Loading description
|