HP has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review HP Security Advisory HPSBHF03882 and apply necessary updates.

Palo Alto has released security updates to address a vulnerability in PAN-OS. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Palo Alto Security Advisory for  CVE-2023-48795 and apply necessary updates.

Mageia has released security updates to address vulnerabilities in dkms-anbox package. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Mageia Security Advisory and apply necessary updates.

Advisory No: TZCERT/SA/2023/01/08

Date of First Release: 8^th January 2024

Source: SMTP servers

Software Affected: POSTFIX in SMTP

Overview:

The vulnerability exists because a flaw was found in some SMTP server configurations in Postfix. This issue may allow a remote attacker to break out of the email message data to “smuggle” SMTP commands and send spoofed emails that pass SPF checks.

Description:

By exploiting interpretation differences of the SMTP protocol, it is possible to smuggle/send spoofed e-mails – hence SMTP smuggling – while still passing SPF alignment checks.

Through exploiting variations in the interpretation of the SMTP protocol, it becomes feasible to transmit or send spoofed e-mails, a phenomenon known as SMTP smuggling, while still passing SPF alignment checks.

During this research, two types of SMTP smuggling, outbound and inbound, were discovered. These allowed sending spoofed e-mails from millions of domains (e.g., admin[@]outlook.com) to millions of receiving SMTP servers.

Impact:

Successful exploitation of this vulnerability may allow a remote attacker to break out of the email message data to “smuggle” SMTP commands and send spoofed emails that pass SPF checks.

Solution:

A workaround for this vulnerability has been released. Users and administrators are encouraged to apply necessary updates.

Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=2255563

References:

1. https://www.postfix.org/smtp-smuggling.html
2. https://bugzilla.redhat.com/show_bug.cgi?id=2255563
3. https://www.mail-archive.com/postfix-users@postfix.org/msg100901.html

ZTE has released security updates to address vulnerabilities in ZTE Red Magic 8 Pro. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege.

Users and administrators are encouraged to review ZTE Security Advisories 1034444 and 1034404 and apply necessary updates.