CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 6CVE-2023-51764 – postfix: SMTP smuggling vulnerability
https://notcve.org/view.php?id=CVE-2023-51764
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. • https://github.com/duy-31/CVE-2023-51764 https://github.com/eeenvik1/CVE-2023-51764 https://github.com/Double-q1015/CVE-2023-51764 https://github.com/d4op/CVE-2023-51764-POC http://www.openwall.com/lists/oss-security/2023/12/24/1 http://www.openwall.com/lists/oss-security/2023/12/25/1 http://www.openwall.com/lists/oss-security/2024/05/09/3 https://access.redhat.com/security/cve/CVE-2023-51764 https://bugzilla.redhat.com/show_bug.cgi?id=2255563 http • CWE-345: Insufficient Verification of Data Authenticity CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2023-51765
https://notcve.org/view.php?id=CVE-2023-51765
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features. sendmail hasta al menos 8.14.7 permite el contrabando SMTP en ciertas configuraciones. • http://www.openwall.com/lists/oss-security/2023/12/24/1 http://www.openwall.com/lists/oss-security/2023/12/25/1 http://www.openwall.com/lists/oss-security/2023/12/26/5 http://www.openwall.com/lists/oss-security/2023/12/29/5 http://www.openwall.com/lists/oss-security/2023/12/30/1 http://www.openwall.com/lists/oss-security/2023/12/30/3 https://access.redhat.com/security/cve/CVE-2023-51765 https://bugzilla.redhat.com/show_bug.cgi?id=2255869 ht • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-6546 – Kernel: gsm multiplexing race condition leads to privilege escalation
https://notcve.org/view.php?id=CVE-2023-6546
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. Se encontró una condición de ejecución en el multiplexor tty GSM 0710 en el kernel de Linux. Este problema ocurre cuando dos subprocesos ejecutan GSMIOC_SETCONF ioctl en el mismo descriptor de archivo tty con la disciplina de línea gsm habilitada y puede provocar un problema de use after free en una estructura gsm_dlci al reiniciar gsm mux. • http://www.openwall.com/lists/oss-security/2024/04/10/18 http://www.openwall.com/lists/oss-security/2024/04/10/21 http://www.openwall.com/lists/oss-security/2024/04/11/7 http://www.openwall.com/lists/oss-security/2024/04/11/9 http://www.openwall.com/lists/oss-security/2024/04/12/1 http://www.openwall.com/lists/oss-security/2024/04/12/2 http://www.openwall.com/lists/oss-security/2024/04/16/2 http://www.openwall.com/lists/oss-security/20 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-6918 – Libssh: missing checks for return values for digests
https://notcve.org/view.php?id=CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection. Se encontró un fallo en la capa abstracta de implementación de libssh para operaciones de resumen de mensajes (MD) implementadas por diferentes backends criptográficos compatibles. Los valores de retorno de estos no se verificaron correctamente, lo que podría causar fallas en situaciones de poca memoria, desreferencias NULL, fallas o uso de la memoria no inicializada como entrada para el KDF. • https://access.redhat.com/errata/RHSA-2024:2504 https://access.redhat.com/errata/RHSA-2024:3233 https://access.redhat.com/security/cve/CVE-2023-6918 https://bugzilla.redhat.com/show_bug.cgi?id=2254997 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh- • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6228 – Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c
https://notcve.org/view.php?id=CVE-2023-6228
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. Se encontró un problema en la utilidad tiffcp distribuida por el paquete libtiff donde un archivo TIFF manipulado durante el procesamiento puede provocar un desbordamiento de búfer de almacenamiento dinámico y provocar un bloqueo de la aplicación. • https://access.redhat.com/errata/RHSA-2024:2289 https://access.redhat.com/security/cve/CVE-2023-6228 https://bugzilla.redhat.com/show_bug.cgi?id=2240995 https://access.redhat.com/errata/RHSA-2024:5079 • CWE-787: Out-of-bounds Write •