Plaintext injection in multiple implementations of STARTTLS
Mark Martinec
Mark.Martinec+amavis at ijs.si
Tue Mar 8 11:05:38 CET 2011
For those wondering about CVE-2011-0411 / VU#555316 status:
http://marc.info/?l=postfix-users&m=129952854117623
http://www.kb.cert.org/vuls/id/555316
Amavisd-new is NOT AFFECTED by this vulnerability
even when TLS is used ( $tls_security_level_in ).
Version 2.6.4 and earlier does not use a stream and does not
buffer SMTP data at this level. Switching to TLS replaces
the I/O methods.
Version 2.7.0(-pre*) does use buffering at the application
level of transport, but properly discards any buffered
leftovers (pipelining violations) when switching to TLS
after a STARTTLS command.
Mark
More information about the amavis-users
mailing list