CVE-2008-3889

Name of the Vulnerable Software and Affected Versions Postfix versions 2.4 through 2.4.8 Postfix versions 2.5 through 2.5.4 Postfix versions 2.6 through 2.6-20080901

Description The issue allows local users to cause a denial of service, resulting in application slowdown or exit, by executing a crafted command. This can be demonstrated by a command in a .forward file, which exploits the leak of epoll file descriptors during the execution of non-Postfix commands when used with the Linux 2.6 kernel.

Recommendations For Postfix versions 2.4 through 2.4.8, update to version 2.4.9 or later. For Postfix versions 2.5 through 2.5.4, update to version 2.5.5 or later. For Postfix versions 2.6 through 2.6-20080901, update to version 2.6-20080902 or later.