CVE-2011-1720 Information

Description

The SMTP server in Postfix before 2.5.13 2.6.x before 2.6.10 2.7.x before 2.7.4 and 2.8.x before 2.8.3 when certain Cyrus SASL authentication methods are enabled does not create a new server handle after client authentication fails which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

Reference

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html http://secunia.com/advisories/44500 http://security.gentoo.org/glsa/glsa-201206-33.xml http://securityreason.com/securityalert/8247 http://www.debian.org/security/2011/dsa-2233 http://www.kb.cert.org/vuls/id/727230 http://www.mail-archive.com/postfix-announce@postfix.org/msg00007.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:090 http://www.osvdb.org/72259 http://www.postfix.org/announcements/postfix-2.8.3.html http://www.postfix.org/CVE-2011-1720.html http://www.securityfocus.com/archive/1/517917/100/0/threaded http://www.securityfocus.com/bid/47778 http://www.securitytracker.com/id?1025521 http://www.ubuntu.com/usn/usn-1131-1 https://bugzilla.redhat.com/show_bug.cgi?id=699035 https://exchange.xforce.ibmcloud.com/vulnerabilities/67359