Overview
- Description
- Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- CWE-345
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0598FFA3-9DB8-4D01-9049-3834B6B53000",
"versionEndExcluding": "3.5.23"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AD4364D-F93C-499E-8ECA-5228354D20B6",
"versionEndExcluding": "3.6.13",
"versionStartIncluding": "3.6.0"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7174307B-1249-47B5-BE66-9194AC26BA15",
"versionEndExcluding": "3.7.9",
"versionStartIncluding": "3.7.0"
},
{
"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A422C34-3E0E-4C3F-8EA9-4F442D88057D",
"versionEndExcluding": "3.8.4",
"versionStartIncluding": "3.8.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
],
"operator": "OR"
}
]
}
]