Article ID: 111296, created on May 19, 2011, last review on May 10, 2014

  • Applies to:
  • Plesk 10.x for Linux
  • Plesk 9.x for Linux/Unix

Additional information

Postfix is prone to a memory-corruption vulnerability that affects the SMTP server when Cyrus SASL support is enabled.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects the following Postfix version breaches:

2.5.x prior to 2.5.13
2.6.x prior to 2.6.19
2.7.x prior to 2.7.4
2.8.x prior to 2.8.3


Parallels Plesk Panel use Cyrus SASL with Postfix support, but we do not distribute it – we use one provided by an OS vendor.
Updates from OS vendors are available. Please see the references for more information.

SuSE openSUSE 11.4
SuSE openSUSE 11.3
S.u.S.E. openSUSE 11.2


dd0611b6086474193d9bf78e2b293040 a914db3fdc7a53ddcfd1b2db8f5a1b9c 29d1e90fd304f01e6420fbe60f66f838 6ef0db7f1685482449634a455d77d3f4 56797cefb1efc9130f7c48a7d1db0f0c

Email subscription for changes to this article
Save as PDF