CVE-2023-51766

Summary

CVE	CVE-2023-51766
State	PUBLISHED
Assigner	Unknown
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-12-24 06:15:00 UTC
Updated	2024-02-02 02:22:00 UTC
Description	Description unavailable.

Risk And Classification

Problem Types: CWE-345

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Application	Exim	Exim	All	All	All	All
Application	Fedoraproject	Extra Packages For Enterprise Linux	7.0	All	All	All
Application	Fedoraproject	Extra Packages For Enterprise Linux	8.0	All	All	All
Application	Fedoraproject	Extra Packages For Enterprise Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	38	All	All	All
Operating System	Fedoraproject	Fedora	39	All	All	All

References

Reference	Source	Link	Tags
oss-security - Re: Re: New SMTP smuggling attack		www.openwall.com	Mailing List, Third Party Advisory
[SECURITY] Fedora 38 Update: exim-4.97.1-1.fc38 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org	Mailing List, Third Party Advisory
www.youtube.com/watch		www.youtube.com
git.exim.org Git - exim.git/commit		git.exim.org	Patch
Smuggling email inside of email [LWN.net]		lwn.net	Third Party Advisory
oss-security - Re: Re: New SMTP smuggling attack		www.openwall.com
oss-security - Re: Re: New SMTP smuggling attack		www.openwall.com
404 Not Found		exim.org
2255852 – (CVE-2023-51766) CVE-2023-51766 exim: SMTP smuggling vulnerability		bugzilla.redhat.com	Issue Tracking, Third Party Advisory
[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling		www.openwall.com	Mailing List, Mitigation, Third Party Advisory
[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling		www.openwall.com	Mailing List, Third Party Advisory
github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766		github.com	Mitigation, Vendor Advisory
Bug 3063 – Partially vulnerable to "SMTP Smuggling" if pipelining is enabled and chunking is disabled/unused		bugs.exim.org
[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update		lists.debian.org
[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling		www.openwall.com	Mailing List, Third Party Advisory
fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html		fahrplan.events.ccc.de	Technical Description
[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling		www.openwall.com	Mailing List, Third Party Advisory
git.exim.org Git - exim.git/commit		git.exim.org	Patch
[SECURITY] Fedora 39 Update: exim-4.97.1-1.fc39 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org	Mailing List, Third Party Advisory
SMTP Smuggling - Spoofing E-Mails Worldwide - SEC Consult		sec-consult.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

200078 Ubuntu Security Notification for Exim Vulnerability (USN-6611-1)
284853 Fedora Security Update for exim (FEDORA-2024-e0841c83bb)
285064 Fedora Security Update for exim (FEDORA-2024-1ef6197a49)
357042 Amazon Linux Security Advisory for exim : ALAS-2024-1908
50135 Exim Mail Server Simple Mail Transfer Protocol (SMTP) Smuggling Vulnerability
506046 Alpine Linux Security Update for exim
6000423 Debian Security Update for exim4 (DSA 5597-1)
6000425 Debian Security Update for exim4 (DLA 3708-1)
710867 Gentoo Linux Exim Multiple Vulnerabilities (GLSA 202402-18)