| Title | LPE and RCE in OpenSMTPD |
|---|---|
| Description | We discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root: either locally, in OpenSMTPD's default configuration (which listens on the loopback interface and only accepts mail from localhost); or locally and remotely, in OpenSMTPD's "uncommented" default configuration (which listens on all interfaces and accepts external mail). CVE-2020-7247. Proof of Concept Exploit available. |
| Source | https://www.openwall.com/lists/oss-security/2020/01/28/3 |
| User | misc (UID 3) |
| Submission | 29/01/2020 09h43 (6 years ago) |
| Moderation | 10/08/2020 10h38 (6 months later) |
| Status | Accepted |
| VulDB Entry | 149547 [OpenSMTPD 6.6 SMTP Session smtp_session.c MAIL FROM Privilege Escalation] |
| Points | 19 |