CVE-2011-0411

The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
postfixpostfix
2.4
postfixpostfix
2.4.0
postfixpostfix
2.4.1
postfixpostfix
2.4.2
postfixpostfix
2.4.3
postfixpostfix
2.4.4
postfixpostfix
2.4.5
postfixpostfix
2.4.6
postfixpostfix
2.4.7
postfixpostfix
2.4.8
postfixpostfix
2.4.9
postfixpostfix
2.4.10
postfixpostfix
2.4.11
postfixpostfix
2.4.12
postfixpostfix
2.4.13
postfixpostfix
2.4.14
postfixpostfix
2.4.15
postfixpostfix
2.5.0
postfixpostfix
2.5.1
postfixpostfix
2.5.2
postfixpostfix
2.5.3
postfixpostfix
2.5.4
postfixpostfix
2.5.5
postfixpostfix
2.5.6
postfixpostfix
2.5.7
postfixpostfix
2.5.8
postfixpostfix
2.5.9
postfixpostfix
2.5.10
postfixpostfix
2.5.11
postfixpostfix
2.6
postfixpostfix
2.6.0
postfixpostfix
2.6.1
postfixpostfix
2.6.2
postfixpostfix
2.6.3
postfixpostfix
2.6.4
postfixpostfix
2.6.5
postfixpostfix
2.6.6
postfixpostfix
2.6.7
postfixpostfix
2.6.8
postfixpostfix
2.7.0
postfixpostfix
2.7.1
postfixpostfix
2.7.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
postfix
bullseye
3.5.25-0+deb11u1
fixed
bookworm
3.7.11-0+deb12u1
fixed
sid
3.9.0-3
fixed
trixie
3.9.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
postfix
maverick
Fixed 2.7.1-1ubuntu0.1
released
lucid
Fixed 2.7.0-1ubuntu0.1
released
karmic
Fixed 2.6.5-3ubuntu0.1
released
hardy
Fixed 2.5.1-2ubuntu1.3
released
dapper
Fixed 2.2.10-1ubuntu0.3
released
Common Weakness Enumeration
References