Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : sendmail, sendmail-cf, sendmail-milter (ALAS2023-2026-1818)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1818 advisory. sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address,...

5.3CVSS5.5AI score0.01073EPSS
Exploits2References4
OSV
OSV
added 2024/08/02 11:8 a.m.3 views

OESA-2024-1928 exim security update

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

5.3CVSS6.8AI score0.01072EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.5 views

Astra Linux – Vulnerability in exim4

Before version 4.97.1, Exim allowed SMTP smuggling in certain pipeline/chunking configurations. Remote attackers could use a known exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, thereby bypassing an SPF protection mechanism. This issue arises because Exim...

5.3CVSS6.8AI score0.01072EPSS
Exploits1References3
Redos
Redos
added 2024/04/08 12:0 a.m.27 views

ROS-20240408-16

A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...

5.3CVSS6.9AI score0.01073EPSS
Exploits2
Redos
Redos
added 2024/04/08 12:0 a.m.32 views

ROS-20240408-21

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS7.3AI score0.02598EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2024/01/31 12:0 a.m.34 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Postfix update (USN-6591-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6591-2 advisory. USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last...

5.3CVSS5.6AI score0.02598EPSS
Exploits4References2
OSV
OSV
added 2024/01/29 10:52 a.m.5 views

USN-6611-1 exim4 vulnerability

It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism...

5.3CVSS7.3AI score0.01072EPSS
Exploits1References2
Amazon
Amazon
added 2024/01/22 12:0 a.m.36 views

Important: exim

Issue Overview: Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but some...

5.3CVSS7.7AI score0.01072EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.39 views

Fedora 38 : exim (2024-e0841c83bb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e0841c83bb advisory. Security fix for CVE-2023-51766. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

5.3CVSS7.3AI score0.01072EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/12/25 2:10 a.m.4 views

SUSE CVE-2023-51764

Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mail messages with ...

5.3CVSS6.8AI score0.02598EPSS
Exploits4References8
SUSE CVE
SUSE CVE
added 2023/12/25 2:10 a.m.3 views

SUSE CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS6.9AI score0.01073EPSS
Exploits2References6
ATTACKERKB
ATTACKERKB
added 2023/12/24 6:15 a.m.4 views

CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS5.8AI score0.01073EPSS
Exploits2References18
OSV
OSV
added 2023/12/24 6:15 a.m.1 views

DEBIAN-CVE-2023-51766

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but...

5.3CVSS7.2AI score0.01072EPSS
Exploits1References1
OSV
OSV
added 2023/12/24 6:15 a.m.2 views

DEBIAN-CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS5.5AI score0.01073EPSS
Exploits2References1
OSV
OSV
added 2023/12/24 6:15 a.m.7 views

AZL-32295 CVE-2023-51765 affecting package sendmail 8.15.2-46

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS6AI score0.01073EPSS
Exploits2References1
Prion
Prion
added 2023/12/24 6:15 a.m.24 views

Code injection

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5CVSS6.9AI score0.01073EPSS
Exploits2References16Affected Software3
UbuntuCve
UbuntuCve
added 2023/12/24 6:15 a.m.53 views

CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

5.3CVSS6.1AI score0.01073EPSS
Exploits2References4
OSV
OSV
added 2023/12/24 5:15 a.m.6 views

AZL-35110 CVE-2023-51764 affecting package postfix for versions less than 3.9.0-1

Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mail messages with ...

5.3CVSS6AI score0.02598EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2023/12/23 12:0 a.m.4 views

PT-2023-8848 · Sendmail +5 · Sendmail +5

Name of the Vulnerable Software and Affected Versions: sendmail versions 8.14.7 through 8.17.2 Description: The issue allows SMTP smuggling in certain configurations, enabling remote attackers to inject e-mail messages with a spoofed MAIL FROM address. This bypasses an SPF protection mechanism...

7.4CVSS7.7AI score0.02037EPSS
Exploits2References70
Rows per page
Query Builder