VulnerableCode Package Details - pkg:deb/debian/sendmail@8.15.2-8%2Bdeb9u1

Search for packages

Package details: pkg:deb/debian/sendmail@8.15.2-8%2Bdeb9u1

Essentials
History (2)

purl	pkg:deb/debian/sendmail@8.15.2-8%2Bdeb9u1

Next non-vulnerable version	8.17.1.9-2+deb12u2
Latest non-vulnerable version	8.17.1.9-2+deb12u2
Risk	2.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-ptnv-fwch-aaag Aliases: CVE-2023-51765	sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not.	8.15.2-22+deb11u3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 8.17.2-1~bpo12+1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-ptnv-fwch-aaag
Aliases:
CVE-2023-51765

sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not.

8.15.2-22+deb11u3
Affected by 1 other vulnerability.

8.17.2-1~bpo12+1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-04-13T01:20:54.134631+00:00	Debian Oval Importer	Affected by	VCID-ptnv-fwch-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-13T00:51:26.585466+00:00	Debian Oval Importer	Affected by	VCID-ptnv-fwch-aaag	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0