Main Vulnerability Database Exploits ID:10555 - Exploit for Command Injection in Postfix - CVE-2023-51764

ID:10555 - Exploit for Command Injection in Postfix - CVE-2023-51764

Published: October 9, 2024

Vulnerability identifier: #VU84727

Vulnerability risk: Medium

CVE-ID: CVE-2023-51764

CWE-ID: CWE-77

Exploitation vector: Remote access

Vulnerable software:
Postfix

Link to public exploit:

https://github.com/eeenvik1/CVE-2023-51764

Vulnerability description

The vulnerability allows a remote attacker to spoof email messages.

The vulnerability exists due to an error when handling line endings other than <CR><LF>. A remote attacker can spoof contents of email message and bypass SPF protection mechanism.

Remediation

Install updates from vendor's website.

ID:10555 - Exploit for Command Injection in Postfix - CVE-2023-51764

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human