Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-51766HistoryDec 24, 2023 - 6:15 a.m.
CVE-2023-51766
2023-12-2406:15:07
Debian Security Bug Tracker
security-tracker.debian.org
31
exim
smtp smuggling
spoofed address
spf protection
e-mail servers
security vulnerability
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | exim4 | < 4.96-15+deb12u4 | exim4_4.96-15+deb12u4_all.deb |
| Debian | 11 | all | exim4 | < 4.94.2-7+deb11u2 | exim4_4.94.2-7+deb11u2_all.deb |
| Debian | 10 | all | exim4 | < 4.92-8+deb10u9 | exim4_4.92-8+deb10u9_all.deb |
| Debian | 999 | all | exim4 | < 4.97-3 | exim4_4.97-3_all.deb |
| Debian | 13 | all | exim4 | < 4.97-3 | exim4_4.97-3_all.deb |
Related
veracode
veracode
Insufficient Verification Of Data Authenticity
2023-12-26 12:49:28
cvelist
cvelist
CVE-2023-51766
2023-12-24 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5597-1)
2024-01-12 00:00:00
Exim < 4.97.1 SMTP Smuggling Vulnerability (Dec 2023)
2024-01-10 00:00:00
Fedora: Security Advisory for exim (FEDORA-2024-e0841c83bb)
2024-01-18 00:00:00
nessus
nessus
Fedora 39 : exim (2024-1ef6197a49)
2024-01-11 00:00:00
Amazon Linux AMI : exim (ALAS-2024-1908)
2024-01-23 00:00:00
Fedora 38 : exim (2024-e0841c83bb)
2024-01-11 00:00:00
alpinelinux
alpinelinux
CVE-2023-51766
2023-12-24 06:15:07
ubuntucve
ubuntucve
CVE-2023-51766
2023-12-24 00:00:00
cve
cve
CVE-2023-51766
2023-12-24 06:15:07
prion
prion
Code injection
2023-12-24 06:15:00
osv
osv
CVE-2023-51766
2023-12-24 06:15:07
amazon
amazon
Important: exim
2024-01-19 01:19:00
fedora
fedora
[SECURITY] Fedora 39 Update: exim-4.97.1-1.fc39
2024-01-12 01:12:17
[SECURITY] Fedora 38 Update: exim-4.97.1-1.fc38
2024-01-12 01:00:14
redos
redos
ROS-20240408-20
2024-04-08 00:00:00
wolfi
wolfi
CVE-2023-51766 vulnerabilities
2024-06-03 09:07:41
cgr
cgr
CVE-2023-51766 vulnerabilities
2024-05-19 03:07:16
cert
cert
gentoo
gentoo
Exim: Multiple Vulnerabilities
2024-02-18 00:00:00