Количество 7
Количество 7
CVE-2023-51766
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVE-2023-51766
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVE-2023-51766
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKIN ...
ROS-20240408-20
Уязвимость exim
GHSA-w6ww-869j-cgm6
Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages that appear to originate from the Exim server, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
BDU:2024-00108
Уязвимость реализации протокола SMTP почтового сервера Exim, позволяющая нарушителю обойти политику безопасности SPF (Sender Policy Framework) и отправить скрытый HTTP-запрос (атака типа HTTP Request Smuggling)
openSUSE-SU-2024:0007-1
Security update for exim
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-51766 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. | CVSS3: 5.3 | 3% Низкий | больше 1 года назад |
 | CVE-2023-51766 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. | CVSS3: 5.3 | 3% Низкий | больше 1 года назад |
| CVE-2023-51766 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKIN ... | CVSS3: 5.3 | 3% Низкий | больше 1 года назад |
 | ROS-20240408-20 Уязвимость exim | CVSS3: 5.3 | 3% Низкий | около 1 года назад |
| GHSA-w6ww-869j-cgm6 Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages that appear to originate from the Exim server, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. | CVSS3: 4.3 | 3% Низкий | больше 1 года назад |
 | BDU:2024-00108 Уязвимость реализации протокола SMTP почтового сервера Exim, позволяющая нарушителю обойти политику безопасности SPF (Sender Policy Framework) и отправить скрытый HTTP-запрос (атака типа HTTP Request Smuggling) | CVSS3: 6.5 | 3% Низкий | больше 1 года назад |
 | openSUSE-SU-2024:0007-1 Security update for exim | больше 1 года назад |
Уязвимостей на страницу