CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3889

Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.1%

CVSS Severity

CVSS v2 Score 2.1

References

Products affected by CVE-2008-3889

Postfix » Postfix » Version: 2.4

cpe:2.3:a:postfix:postfix:2.4
Postfix » Postfix » Version: 2.4.0

cpe:2.3:a:postfix:postfix:2.4.0
Postfix » Postfix » Version: 2.4.1

cpe:2.3:a:postfix:postfix:2.4.1
Postfix » Postfix » Version: 2.4.2

cpe:2.3:a:postfix:postfix:2.4.2
Postfix » Postfix » Version: 2.4.3

cpe:2.3:a:postfix:postfix:2.4.3
Postfix » Postfix » Version: 2.4.4

cpe:2.3:a:postfix:postfix:2.4.4
Postfix » Postfix » Version: 2.4.5

cpe:2.3:a:postfix:postfix:2.4.5
Postfix » Postfix » Version: 2.4.6

cpe:2.3:a:postfix:postfix:2.4.6
Postfix » Postfix » Version: 2.4.7

cpe:2.3:a:postfix:postfix:2.4.7
Postfix » Postfix » Version: 2.4.8

cpe:2.3:a:postfix:postfix:2.4.8
Postfix » Postfix » Version: 2.5.1

cpe:2.3:a:postfix:postfix:2.5.1
Postfix » Postfix » Version: 2.5.2

cpe:2.3:a:postfix:postfix:2.5.2
Postfix » Postfix » Version: 2.5.3

cpe:2.3:a:postfix:postfix:2.5.3
Postfix » Postfix » Version: 2.6

cpe:2.3:a:postfix:postfix:2.6
Linux » Linux Kernel » Version: 2.6

cpe:2.3:o:linux:linux_kernel:2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3889

Products

Pricing

Contact Us