PT-2010-2031 · Suse+1 · Suse Linux Enterprise+2

Published

2010-01-22

Updated

2011-04-28

CVE-2010-0230

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise version 10 SP3 openSUSE version 11.2

Description The issue allows remote attackers to bypass intended access restrictions because postfix is configured to listen on all network interfaces.

Recommendations For SUSE Linux Enterprise version 10 SP3, consider reconfiguring postfix to only listen on specific network interfaces to minimize the risk of exploitation. For openSUSE version 11.2, restrict postfix to only listen on intended network interfaces as a mitigation measure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-0230

Affected Products

Suse Linux Enterprise

Opensuse

Postfix

PT-2010-2031 · Suse+1 · Suse Linux Enterprise+2

CVE-2010-0230

Weakness Enumeration

Related Identifiers

Affected Products

References · 3