14 matches found
USN-8382-1: Exim vulnerabilities
Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...
Linux Distros Unpatched Vulnerability : CVE-2023-51766
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject...
Debian dla-3708 : exim4 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3708 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3708-1 [email protected] https://www.debian.org/lts/security/...
openSUSE Security Advisory (openSUSE-SU-2024:0007-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : exim (ALAS-2024-1908)
The version of exim installed on the remote host is prior to 4.92-1.40. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1908 advisory. Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...
Important: exim
Issue Overview: Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but some...
Fedora: Security Advisory (FEDORA-2024-1ef6197a49)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : exim (2024-e0841c83bb)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e0841c83bb advisory. Security fix for CVE-2023-51766. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
[SECURITY] [DLA 3708-1] exim4 security update
Debian LTS Advisory DLA-3708-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 05, 2024 https://wiki.debian.org/LTS Package : exim4 Version : 4.92-8+deb10u9 CVE ID : CVE-2023-51766 Debian Bug : 1059387 It was discovered that Exim, a mail transport agent, c...
[SECURITY] [DSA 5597-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5597-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 04, 2024 https://www.debian.org/security/faq -...
CVE-2023-51766
creationtimestamp| type| source ---|---|--- 2023-12-24 07:31:57+00:00| seen| https://t.me/ctinow/158939 2024-01-04 05:54:19+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus1/2024 2024-01-18 17:22:24+00:00| seen| https://t.me/ctinow/169837 2024-02-02 08:16:24+00:00| seen|...
CVE-2023-51766 vulnerabilities
Vulnerabilities for packages: exim...
CVE-2023-51766 vulnerabilities
Vulnerabilities for packages: exim...
CVE-2023-51766
Exim before 4.97.1 is vulnerable to SMTP smuggling in specific PIPELINING/CHUNKING configurations, enabling a remote attacker to inject messages with a spoofed MAIL FROM and bypass SPF. The root cause cited across multiple sources is that Exim handles end-of-data sequences using . in ways that so...