Detections
Analytics

FreeBSD : spamdyke -- open relay (555ac165-2bee-11dd-bbdc-00e0815b8da8)

medium Nessus Plugin ID 32449

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Spamdyke Team reports :

Fixed smtp_filter() to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected (for relaying or blacklisting), then gives the DATA command, spamdyke will ignore all other commands, assuming that message data is being transmitted. However, because all of the recipients were rejected, qmail will reject the DATA command. From that point on, the remote server can give as many recipients as it likes and spamdyke will ignore them all -- they will not be filtered at all. After that, the remote server can give the DATA command and send the actual message data. Because spamdyke is controlling relaying, the RELAYCLIENT environment variable is set and qmail won't check for relaying either.
Thanks to Mirko Buffoni for reporting this one.

Solution

Update the affected package.

See Also

https://www.spamdyke.org/documentation/Changelog.txt

http://www.nessus.org/u?35463213

Plugin Details

Severity: Medium

ID: 32449

File Name: freebsd_pkg_555ac1652bee11ddbbdc00e0815b8da8.nasl

Version: 1.15

Type: local

Published: 5/28/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:spamdyke, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/27/2008

Vulnerability Publication Date: 5/21/2008

Reference Information

CVE: CVE-2008-2784

CWE: 264