MGASA-2024-0270 Updated sendmail packages fix security vulnerability

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

Updated sendmail packages fix security vulnerability

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

SUSE SLES12 Security Update : postfix (SUSE-SU-2024:1149-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1149-1 advisory. - Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and...

ROS-20240408-20

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

Amazon Linux AMI : postfix (ALAS-2024-1914)

The version of postfix installed on the remote host is prior to 2.6.6-2.17. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1914 advisory. Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and...

Important: postfix

Issue Overview: Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mai...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Postfix update (USN-6591-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6591-2 advisory. USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last...

Slackware Linux 15.0 / current sendmail Vulnerability (SSA:2024-031-01)

The version of sendmail installed on the remote host is prior to 8.18.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-031-01 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation...

[SECURITY] [DLA 3725-1] postfix security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3725-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès January 30, 2024 https://wiki.debian.org/LTS -...

Debian dla-3725 : postfix - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3725 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3725-1 [email protected] https://www.debian.org/lts/security/...

USN-6611-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism...

Amazon Linux AMI : exim (ALAS-2024-1908)

The version of exim installed on the remote host is prior to 4.92-1.40. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1908 advisory. Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to...

Amazon Linux 2 : postfix (ALAS-2024-2420)

The version of postfix installed on the remote host is prior to 2.10.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2420 advisory. Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and...

Important: postfix

Issue Overview: Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mai...

Important: postfix

Issue Overview: Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mai...

CBL Mariner 2.0 Security Update: postfix (CVE-2023-51764)

The version of postfix installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-51764 advisory. - Postfix through 3.8.5 allows SMTP smuggling unless configured with...

Fedora 39 : exim (2024-1ef6197a49)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1ef6197a49 advisory. =Security fix for CVE-2023-51766. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 38 : exim (2024-e0841c83bb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e0841c83bb advisory. Security fix for CVE-2023-51766. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 38 : postfix (2024-5c186175f2)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-5c186175f2 advisory. Security fix for CVE-2023-51764. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 39 : postfix (2024-c839e7294f)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c839e7294f advisory. Security fix for CVE-2023-51764. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...