Claus Assmann <[email protected]> writes:
> On Wed, Apr 08, 2020, Kevin Chadwick wrote:
>
>> OpenSMTPD does not listen to the internet, by default and even if you do set
>> it
>
> From: Qualys Security Advisory <[email protected]>
> To: [email protected]
> Message-ID: <[email protected]>
>
> - Client-side exploitation: This vulnerability is remotely exploitable
> in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
My (default) smtpd.conf says:
listen on lo0
So how might that be remotely exploitable?
Allan
