PT-2019-14834 · Postfix · Postfix-Mta-Sts-Resolver

Snawoot

Publicado

2019-07-05

Atualizado

2020-10-23

CVE-2019-16791

CVSS v4.0

8.7

Alta

Vetor

AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Name of the Vulnerable Software and Affected Versions postfix-mta-sts-resolver versions prior to 0.5.1

Description The issue affects all users and can cause the daemon to return an incorrect response under rare conditions, leading to a downgrade of the effective STS policy.

Recommendations For versions prior to 0.5.1, update to version 0.5.1 to resolve the issue. As a temporary workaround, users may apply the provided patches to older supported versions.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-757

Identificadores relacionados

CVE-2019-16791

GHSA-H92M-42H4-82F6

PYSEC-2020-174

Produtos afetados

Postfix-Mta-Sts-Resolver

PT-2019-14834 · Postfix · Postfix-Mta-Sts-Resolver

CVE-2019-16791

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11