Sendmail and Postfix Version Vulnerability Check

漏洞信息

漏洞名称: Sendmail and Postfix Version Vulnerability Check

漏洞类型: 配置问题

漏洞等级: 中危

漏洞描述: Sendmail和Postfix是广泛使用的邮件传输代理(MTA),负责电子邮件的发送、接收和路由。Sendmail作为历史悠久的MTA,在多种Unix-like系统中都有部署;而Postfix则以其安全性和性能著称,是现代系统中常见的替代选择。两者在企业和个人环境中都有广泛应用,是电子邮件基础设施的关键组件。该漏洞检查模板旨在识别系统中运行的Sendmail和Postfix版本,以检测是否存在已知的安全漏洞。未打补丁的版本可能包含多种严重漏洞,如缓冲区溢出、权限提升或信息泄露等。这些漏洞的根源在于软件版本过旧,未能包含最新的安全修复。攻击者可能利用这些漏洞执行远程代码、获取敏感信息或破坏服务,具体影响取决于漏洞的性质和系统的配置。由于这些服务通常以高权限运行,漏洞的利用可能导致整个系统的安全受到威胁。检查过程通过检测进程存在和版本标识符来进行,帮助管理员评估系统的安全状态并及时采取补救措施。

产品名称: Sendmail and Postfix

来源: https://github.com/projectdiscovery/nuclei-templates/blob/1dc5e4c5a7e3689548a72d7cb2a00b803fccc824/misconfiguration%2Flinux%2Fcheck-sendmail-postfix-version.yaml

类型: projectdiscovery/nuclei-templates:github issues

POC详情

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

id: check-sendmail-postfix-version

info:
  name: Sendmail and Postfix Version Vulnerability Check
  author: songyaeji
  severity: medium
  description: >
    This template checks if the versions of Sendmail and Postfix are being used and whether they are likely outdated.
    Unpatched versions may contain critical vulnerabilities such as buffer overflows, privilege escalation, or information disclosure.
    It checks process presence and version indicators to help determine patch status.
  reference:
    - https://isms.kisa.or.kr
    - Cloud Vulnerability Assessment Guide(2024) by KISA
  tags: linux,sendmail,postfix,version,local
  metadata:
    verified: true
    os: linux
    max-request: 3
  classification:
    cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 7.8
    cwe-id: CWE-937

self-contained: true
code:
  - engine:
      - bash
    source: |
      ps -ef | grep sendmail | grep -v grep || echo "sendmail-not-running"
    matchers:
      - type: word
        part: code_1_response
        words:
          - "sendmail"
        condition: contains

  - engine:
      - bash
    source: |
      cat /etc/mail/sendmail.cf 2>/dev/null | grep "^DZ" || echo "no-dz-entry"
    matchers:
      - type: word
        part: code_2_response
        words:
          - "DZ"
        condition: contains

  - engine:
      - bash
    source: |
      systemctl status postfix 2>/dev/null | grep "postfix" || echo "postfix-not-running"
    matchers:
      - type: word
        part: code_3_response
        words:
          - "postfix"
        condition: contains

  - engine:
      - bash
    source: |
      postfix status 2>/dev/null | grep "postfix-script" || echo "no-script"
    matchers:
      - type: word
        part: code_4_response
        words:
          - "postfix-script"
        condition: contains

  - engine:
      - bash
    source: |
      postconf -d 2>/dev/null | grep mail_version || echo "no-mail-version"
    matchers:
      - type: word
        part: code_5_response
        words:
          - "mail_version"
        condition: contains

Github Poc
#projectdiscovery/nuclei-templates:github issues #配置问题
Sendmail and Postfix Version Vulnerability Check
http://example.com/2025/07/29/github_1952128333/
作者
lianccc
发布于
2025年7月29日
许可协议