CVE-2023-51764
MEDIUM
5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none
Description
AI Translation Available
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,2706
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
345
Insufficient Verification of Data Authenticity
DraftCommon Consequences
Security Scopes Affected:
Integrity
Other
Potential Impacts:
Varies By Context
Unexpected State
Applicable Platforms
Technologies:
ICS/OT
Application
Postfix by Postfix
Version Range Affected
To
3.5.23
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Postfix by Postfix
Version Range Affected
From
3.7.0
(inclusive)
To
3.7.9
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Postfix by Postfix
Version Range Affected
From
3.8.0
(inclusive)
To
3.8.4
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Postfix by Postfix
Version Range Affected
From
3.6.0
(inclusive)
To
3.6.13
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://access.redhat.com/security/cve/CVE-2023-51764
https://bugzilla.redhat.com/show_bug.cgi?id=2255563
https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html
https://github.com/duy-31/CVE-2023-51764
https://github.com/eeenvik1/CVE-2023-51764
https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/[email protected]…
https://lists.fedoraproject.org/archives/list/[email protected]…
https://lwn.net/Articles/956533/
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
https://www.openwall.com/lists/oss-security/2024/01/22/1
https://www.postfix.org/announcements/postfix-3.8.5.html
https://www.postfix.org/smtp-smuggling.html
https://www.youtube.com/watch?v=V8KPV96g1To
http://www.openwall.com/lists/oss-security/2023/12/24/1
http://www.openwall.com/lists/oss-security/2023/12/25/1
http://www.openwall.com/lists/oss-security/2024/05/09/3
https://access.redhat.com/security/cve/CVE-2023-51764
https://bugzilla.redhat.com/show_bug.cgi?id=2255563
https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html
https://github.com/duy-31/CVE-2023-51764
https://github.com/eeenvik1/CVE-2023-51764
https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lwn.net/Articles/956533/
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
https://www.openwall.com/lists/oss-security/2024/01/22/1
https://www.postfix.org/announcements/postfix-3.8.5.html
https://www.postfix.org/smtp-smuggling.html
https://www.youtube.com/watch?v=V8KPV96g1To
http://www.openwall.com/lists/oss-security/2023/12/24/1
http://www.openwall.com/lists/oss-security/2023/12/25/1
http://www.openwall.com/lists/oss-security/2024/05/09/3