oss-sec mailing list archives
New SMTP smuggling attack
From: Marcus Meissner <meissner () suse de>
Date: Thu, 21 Dec 2023 15:36:33 +0100
Hi,

As if we did not have sufficient protocol vulnerability work short before Christmas break this year, here is one more:

https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

While it looks like "old stuff", this is new quality.

tldr: The end of "SMTP data phase" with "<CR><LF>.<CR><LF>" is not consistently implemented everywhere (e.g. when leaving out <CR> or inserting \0 or so) and could lead to one server passing it through and the other processing it, leading to mail spoofing.

The security report it for some custom email servers, but at least Postfix announced mitigation work already:

https://www.mail-archive.com/postfix-users () postfix org/msg100901.html

Ciao, Marcus
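An added example, not part of the original post or of any mail server's code: a defensive check that scans the bytes received in the DATA phase for a lone "." whose surrounding line breaks are not exactly <CR><LF>, the inconsistency the message describes. The function name, the reason labels and the sample payloads are assumptions constructed for illustration.

```python
import re

CANONICAL = b"\r\n.\r\n"          # the only end-of-data marker SMTP defines
_BREAK = rb"(?:\r\n|\r|\n)"       # any line break a lenient parser might accept
# A lone "." between two line breaks, optionally padded with NUL bytes.
# The trailing break is a lookahead so back-to-back dot lines are all seen.
_DOT_LINE = re.compile(
    rb"(" + _BREAK + rb")(\x00*\.\x00*)(?=(" + _BREAK + rb"))"
)


def find_ambiguous_end_of_data(data: bytes):
    """Return [(offset, sequence, reasons)] for dot lines that are not CRLF.CRLF."""
    findings = []
    for m in _DOT_LINE.finditer(data):
        lead, dot, trail = m.group(1), m.group(2), m.group(3)
        seq = lead + dot + trail
        if seq == CANONICAL:
            continue  # the well-formed terminator is not a finding
        reasons = []
        if b"\n" in (lead, trail):
            reasons.append("bare LF")
        if b"\r" in (lead, trail):
            reasons.append("bare CR")
        if b"\x00" in dot:
            reasons.append("NUL byte")
        findings.append((m.start(), seq, reasons))
    return findings


# Constructed sample DATA payloads (not real traffic).
SAMPLES = {
    "clean": b"Subject: hi\r\n\r\nbody\r\n.\r\n",
    "lf_only": b"Subject: hi\r\n\r\nbody\n.\nmore\r\n.\r\n",
    "mixed": b"Subject: hi\r\n\r\nbody\r\n.\nmore\r\n.\r\n",
    "nul": b"Subject: hi\r\n\r\nbody\r\n\x00.\r\nmore\r\n.\r\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, find_ambiguous_end_of_data(data))
```

A receiving or relaying server that gets any finding can reject the message or normalise the line endings before passing it on, so that both sides agree on where the message ends.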