CLSA-2026-1778834899 postfix: Fix of CVE-2023-51764

CVE-2023-51764: fix SMTP smuggling backport of 2.11.11-smuggling-patch...

Astra Linux – Vulnerability in exim4

Before version 4.97.1, Exim allowed SMTP smuggling in certain pipeline/chunking configurations. Remote attackers could use a known exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, thereby bypassing an SPF protection mechanism. This issue arises because Exim...

OESA-2024-1927 exim security update

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

OESA-2024-1322 python-aiosmtpd security update

This is a server for SMTP and related protocols, similar in utility to the standard library's smtpd.py module, but rewritten to be based on asyncio for Python 3. Security Fixes: aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP...

OESA-2024-1320 python-aiosmtpd security update

This is a server for SMTP and related protocols, similar in utility to the standard library's smtpd.py module, but rewritten to be based on asyncio for Python 3. Security Fixes: aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP...

UBUNTU-CVE-2024-27305

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

aiosmtpd Data Forgery Issue Vulnerability

aiosmtpd is an asyncio-based SMTP server. aiosmtpd is vulnerable to a data forgery issue that stems from the presence of an SMTP smuggling vulnerability...

PT-2024-22152 · Postal · Postal

Name of the Vulnerable Software and Affected Versions: Postal versions less than 3.0.0 Description: The issue allows for SMTP Smuggling attacks, which may enable incoming e-mails to be spoofed. This could allow an incoming e-mail to be received by Postal, appearing to be from a server that a user...

AZL-32295 CVE-2023-51765 affecting package sendmail 8.15.2-46

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

DEBIAN-CVE-2023-51766

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but...

AZL-32296 CVE-2023-51764 affecting package postfix for versions less than 3.7.0-3

Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mail messages with ...

Postfix Data Forgery Issue Vulnerability

Postfix is an open source mail transfer agent. A data forgery issue vulnerability exists in versions prior to Postfix 3.8.4, which stems from a vulnerability that allows an attacker to bypass the SPF protection mechanism for SMTP smuggling...

Exim Security Vulnerabilities

Exim is an open source messaging agent MTA running on Unix systems that routes, forwards and delivers mail. A security vulnerability exists in Exim 4.97 and earlier versions, which stems from a vulnerability that allows an attacker to bypass the SPF protection mechanism for SMTP smuggling...