nvd-json-data-feeds/CVE-2023/CVE-2023-517xx/CVE-2023-51765.json

{
  "id": "CVE-2023-51765",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-24T06:15:07.527",
  "lastModified": "2023-12-26T21:15:07.847",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not."
    },
    {
      "lang": "es",
      "value": "sendmail hasta al menos 8.14.7 permite el contrabando SMTP en ciertas configuraciones. Los atacantes remotos pueden utilizar una t\u00e9cnica de explotaci\u00f3n publicada para inyectar mensajes de correo electr\u00f3nico que parecen originarse en el servidor sendmail, lo que permite omitir un mecanismo de protecci\u00f3n SPF. Esto ocurre porque sendmail admite . pero algunos otros servidores de correo electr\u00f3nico populares no lo hacen."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "http://www.openwall.com/lists/oss-security/2023/12/24/1",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2023/12/25/1",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2023/12/26/5",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-51765",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.openwall.com/lists/oss-security/2023/12/21/7",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.openwall.com/lists/oss-security/2023/12/22/7",
      "source": "cve@mitre.org"
    }
  ]
}