Lucene search
Gentoo FoundationMGASA-2024-0029HistoryFeb 09, 2024 - 4:34 a.m.
Updated postfix packages fix a security vulnerability
2024-02-0904:34:03
Gentoo Foundation
advisories.mageia.org
28
postfix
security vulnerability
smtp smuggling
email spoofing
unix
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
70.0%
Postfix has been updated to fix smtp smuggling, an email spoofing attack that involves a composition of email services with specific differences in the way they handle line endings other than .
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | postfix | < 3.8.4-1 | postfix-3.8.4-1.mga9 |
Related
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Postfix update (USN-6591-2)
2024-01-31 00:00:00
RHEL 6 : postfix (Unpatched Vulnerability)
2024-05-11 00:00:00
CBL Mariner 2.0 Security Update: postfix (CVE-2023-51764)
2024-01-22 00:00:00
prion
prion
Code injection
2023-12-24 05:15:00
osv
osv
postfix update
2024-01-31 13:34:03
postfix - security update
2024-01-30 00:00:00
postfix vulnerability
2024-01-22 12:35:30
cbl_mariner
cbl_mariner
CVE-2023-51764 affecting package postfix for versions less than 3.9.0-1
2024-04-19 22:15:55
CVE-2023-51764 affecting package postfix for versions less than 3.7.0-3
2024-01-19 03:54:24
ubuntu
ubuntu
Postfix update
2024-01-31 00:00:00
Postfix vulnerability
2024-01-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0029)
2024-02-09 00:00:00
Debian: Security Advisory (DLA-3725-1)
2024-01-31 00:00:00
Postfix SMTP Smuggling Vulnerability (Dec 2023)
2024-01-10 00:00:00
debiancve
debiancve
CVE-2023-51764
2023-12-24 05:15:08
amazon
amazon
Important: postfix
2024-01-19 01:51:00
Important: postfix
2024-02-01 19:33:00
redos
redos
ROS-20240408-21
2024-04-08 00:00:00
githubexploit
githubexploit
Exploit for Insufficient Verification of Data Authenticity in Postfix
2023-12-26 17:02:20
Exploit for Insufficient Verification of Data Authenticity in Postfix
2024-01-05 07:07:47
Exploit for Insufficient Verification of Data Authenticity in Postfix
2023-12-31 14:33:26
fedora
fedora
[SECURITY] Fedora 39 Update: postfix-3.8.4-1.fc39
2024-01-11 01:17:15
[SECURITY] Fedora 38 Update: postfix-3.7.9-1.fc38
2024-01-11 02:17:04
ubuntucve
ubuntucve
CVE-2023-51764
2023-12-24 00:00:00
cvelist
cvelist
CVE-2023-51764
2023-12-24 00:00:00
nvd
nvd
CVE-2023-51764
2023-12-24 05:15:08
redhatcve
redhatcve
CVE-2023-51764
2023-12-25 22:00:35
veracode
veracode
SMTP Smuggling
2023-12-26 12:49:06
debian
debian
[SECURITY] [DLA 3725-1] postfix security update
2024-01-30 12:49:15
cve
cve
CVE-2023-51764
2023-12-24 05:15:08
cert
cert
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
70.0%
Related for MGASA-2024-0029