CVE-2023-29323
Summary
| CVE | CVE-2023-29323 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-04-04 23:15:00 UTC |
| Updated | 2023-05-26 20:15:00 UTC |
| Description | ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/020_smtpd.patch.sig | MISC | ftp.openbsd.org | |
| src/usr.sbin/smtpd/envelope.c - diff - 1.50.4.1 | MISC | cvsweb.openbsd.org | |
| src/usr.sbin/smtpd/envelope.c - diff - 1.49.4.1 | MISC | cvsweb.openbsd.org | |
| ftp.openbsd.org/pub/OpenBSD/patches/7.1/common/024_smtpd.patch.sig | MISC | ftp.openbsd.org | |
| CVE-2023-29323 OpenBSD Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| OpenSMTPD/envelope.c at 41d0eae481f538956b1f1fbadfb535043454061f · OpenSMTPD/OpenSMTPD · GitHub | MISC | github.com | |
| src/usr.sbin/smtpd/envelope.c - diff - 1.51 | MISC | cvsweb.openbsd.org | |
| smtpd(8) could abort due to a connection from a local, scoped ipv6 ad… · openbsd/src@f748277 · GitHub | MISC | github.com | |
| bump version to 7.0.0 · OpenSMTPD/OpenSMTPD@41d0eae · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 355452 Amazon Linux Security Advisory for opensmtpd : ALAS2023-2023-221