
1631 matches found

Positive Technologies
added 2024/05/29 12:0 a.m. · 4 views

PT-2024-40077 · Unknown · Swiftmailer

Name of the Vulnerable Software and Affected Versions: SwiftMailer versions prior to 5.2.1
Description: The issue allows for arbitrary shell execution if the From header comes from a non-trusted source and no Return-Path is configured. This can be exploited when using the sendmail transport,...

7.5 AI score
Exploits 0 · References 7
OSV
added 2024/05/15 10:33 p.m. · 12 views

GHSA-26HQ-7286-MG8F Magento Patch SUPEE-9652 - Remote Code Execution using mail vulnerability

Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1. While the issue is not reproducible in Magento 2, the library code is the same so it was fixed as well. Note: while the vulnerability is scored as critical, few systems are affected. To be affected by the...

7.3 AI score
Exploits 0 · References 3
Github Security Blog
added 2024/05/15 10:33 p.m. · 12 views

Magento Patch SUPEE-9652 - Remote Code Execution using mail vulnerability

Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1. While the issue is not reproducible in Magento 2, the library code is the same so it was fixed as well. Note: while the vulnerability is scored as critical, few systems are affected. To be affected by the...

7.3 AI score
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2024/05/15 12:0 a.m. · 3 views

PT-2024-40011 · Zend +1 · Zend Framework 1 +1

Name of the Vulnerable Software and Affected Versions: Zend Framework 1 (affected versions not specified); Magento 1 (affected versions not specified)
Description: The issue allows for remote code execution and is considered critical, although few systems are affected. To be vulnerable, the installati...

7.9 AI score
Exploits 0 · References 4
Tenable Nessus
added 2024/05/11 12:0 a.m. · 46 views

RHEL 7 : sendmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sendmail: SMTP smuggling vulnerability CVE-2023-51765 Note that Nessus has not tested for this issue but has instea...

5.3 AI score · 0.01073 EPSS
Exploits 2 · References 1
Tenable Nessus
added 2024/05/11 12:0 a.m. · 32 views

RHEL 6 : sendmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sendmail: SMTP smuggling vulnerability CVE-2023-51765 Note that Nessus has not tested for this issue but has instea...

5.3 AI score · 0.01073 EPSS
Exploits 2 · References 1
Tenable Nessus
added 2024/05/10 12:0 a.m. · 59 views

AIX (IJ50424)

The version of AIX installed on the remote host is prior to APAR IJ50424. It is, therefore, affected by a vulnerability as referenced in the IJ50424 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

5.3 CVSS · 5.7 AI score · 0.01073 EPSS
Exploits 2 · References 3
Tenable Nessus
added 2024/05/10 12:0 a.m. · 30 views

AIX (IJ50432)

The version of AIX installed on the remote host is prior to APAR IJ50432. It is, therefore, affected by a vulnerability as referenced in the IJ50432 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

5.3 CVSS · 5.7 AI score · 0.01073 EPSS
Exploits 2 · References 3
Tenable Nessus
added 2024/05/10 12:0 a.m. · 24 views

AIX (IJ50433)

The version of AIX installed on the remote host is prior to APAR IJ50433. It is, therefore, affected by a vulnerability as referenced in the IJ50433 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

5.3 CVSS · 5.7 AI score · 0.01073 EPSS
Exploits 2 · References 3
Tenable Nessus
added 2024/05/10 12:0 a.m. · 40 views

AIX (IJ50428)

The version of AIX installed on the remote host is prior to APAR IJ50428. It is, therefore, affected by a vulnerability as referenced in the IJ50428 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

5.3 CVSS · 5.7 AI score · 0.01073 EPSS
Exploits 2 · References 3
IBM Security Bulletins
added 2024/04/18 4:10 p.m. · 88 views

Security Bulletin: AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)

Summary Vulnerability in sendmail could allow a remote attacker to spoof an email CVE-2023-51765. Vulnerability Details CVEID:CVE-2023-51765 DESCRIPTION: Proofpoint sendmail is vulnerable to SMTP smuggling, caused by improper handling of line endings . in an email message. By sending a specially...

5.3 CVSS · 5.7 AI score · 0.01073 EPSS
Exploits 2 · Affected Software 2
IBM AIX
added 2024/04/11 3:33 p.m. · 101 views

AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)

IBM SECURITY ADVISORY First Issued: Thu Apr 11 15:33:45 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/sendmailadvisory4.asc Security Bulletin: AIX is vulnerable to email spoofing due to sendmail CVE-2023-51765...

5.3 CVSS · 5.8 AI score · 0.01073 EPSS
Exploits 2
Redos
added 2024/04/08 12:0 a.m. · 23 views

ROS-20240408-16

A vulnerability in SendMail SMTP Server software is related to insufficient data authentication. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address...

5.3 CVSS · 6.9 AI score · 0.01073 EPSS
Exploits 2
BDU FSTEC
added 2024/03/27 12:0 a.m. · 1 views

The vulnerability of the SendMail SMTP server’s software lies in the insufficient verification of data authenticity. This allows attackers to bypass security measures and send emails with fake MAIL FROM addresses.

The vulnerability of the SendMail SMTP server software is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to bypass security mechanisms and send emails with fake MAIL FROM addresses...

5.3 CVSS · 5.9 AI score · 0.01073 EPSS
Exploits 2 · References 8 · Affected Software 4
OpenVAS
added 2024/03/08 12:0 a.m. · 17 views

openSUSE Security Advisory (SUSE-SU-2024:0743-1)

The remote host is missing an update for the...

5.3 CVSS · 5.3 AI score · 0.01073 EPSS
Exploits 2 · References 4
Tenable Nessus
added 2024/03/07 12:0 a.m. · 30 views

SUSE SLES12 Security Update : sendmail (SUSE-SU-2024:0742-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0742-1 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

5.3 CVSS · 5.8 AI score · 0.01073 EPSS
Exploits 2 · References 4
Tenable Nessus
added 2024/03/05 12:0 a.m. · 29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sendmail (SUSE-SU-2024:0743-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0743-1 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a...

5.3 CVSS · 5.8 AI score · 0.01073 EPSS
Exploits 2 · References 4
OSV
added 2024/03/01 8:44 p.m. · 2 views

SUSE-SU-2024:0743-1 Security update for sendmail

This update for sendmail fixes the following issues: - CVE-2023-51765: Fixed new SMTP smuggling attack. bsc1218351...

5.3 CVSS · 5.2 AI score · 0.01073 EPSS
Exploits 2 · References 3
OSV
added 2024/03/01 8:41 p.m. · 1 views

SUSE-SU-2024:0742-1 Security update for sendmail

This update for sendmail fixes the following issues: - CVE-2023-51765: Fixed new SMTP smuggling attack. bsc1218351...

5.3 CVSS · 5.2 AI score · 0.01073 EPSS
Exploits 2 · References 3
Veracode
added 2024/02/19 2:4 a.m. · 30 views

SMTP Smuggling

sendmail is vulnerable to SMTP Smuggling. The vulnerability is due to injecting email messages with a spoofed MAIL FROM address using sendmail supports . sequence which allows malicious emails to be accepted as legitimate and leads to bypass of SPF protection mechanisms...

5.3 CVSS · 6.6 AI score · 0.01073 EPSS
Exploits 2 · References 18 · Affected Software 1