Unrated severityNVD Advisory· Published Jun 19, 2008· Updated Apr 23, 2026

CVE-2008-2784

Description

The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT commands after encountering the first DATA command, which allows remote attackers to use the server as an open mail relay by sending RCPT commands with invalid recipients, followed by a DATA command, followed by arbitrary RCPT commands and a second DATA command.

Affected products

Spamdyke/Spamdyke10 versions
cpe:2.3:a:spamdyke:spamdyke:3.0.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:spamdyke:spamdyke:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:spamdyke:spamdyke:3.1.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000