Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2023-51765

Description

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.

POC

Reference

- https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

- https://www.youtube.com/watch?v=V8KPV96g1To

Github

- https://github.com/eeenvik1/CVE-2023-51764

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/hannob/smtpsmug

- https://github.com/sagredo-dev/qmail