jwildeboer, (edited ) The #SMTPSmuggling attack is being mitigated and tracked in the following CVEs:
- CVE-2023-51764 postfix
- CVE-2023-51765 sendmail
- CVE-2023-51766 exim
All three CVEs have been filed today by the community and NOT by SEC consult who discovered the flaw in June 2023 but decided to not share their findings with postfix, sendmail or exim. Only after they published their post on 2023-12-18, the communities have become aware and are now working hard to fix what is now more a 0day :(
Add comment