Sendmail Sendmail 8.15.4

CPE Details

Sendmail Sendmail 8.15.4
8.15.4
2009-05-12
16h26 +00:00
2009-05-12
16h26 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sendmail:sendmail:8.15.4:*:*:*:*:*:*:*

Informations

Vendor

sendmail

Product

sendmail

Version

8.15.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-51765 2023-12-23 23h00 +00:00 sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
5.3
Medium
CVE-2021-3618 2022-03-22 23h00 +00:00 ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
7.4
High