Vulnerabilities > Wietse Venema

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0337 Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
network
low complexity
wietse-venema redhat suse
7.5
2003-08-27 CVE-2003-0540 Denial of Service vulnerability in Multiple Postfix
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
network
low complexity
wietse-venema conectiva
5.0
2003-08-27 CVE-2003-0468 Denial of Service vulnerability in Multiple Postfix
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
network
low complexity
wietse-venema conectiva
5.0
2001-11-11 CVE-2001-0894 Denial Of Service vulnerability in Wietse Venema Postfix 19990906/19991231/20000228
Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large.
network
low complexity
wietse-venema
5.0