Processed: Re: Bug#952453: arbitrary command execution vulnerability

2020-02-24 Thread Debian Bug Tracking System
Processing control commands:
> found -1 5.7.3p2-1
Bug #952453 {Done: Ryan Kavanagh } [opensmtpd] arbitrary command execution vulnerability
Marked as found in versions opensmtpd/5.7.3p2-1.
--
952453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952453
Debian Bug Tracking System
Contact ow..

Bug#952453: arbitrary command execution vulnerability

2020-02-24 Thread Ryan Kavanagh
Control: found -1 5.7.3p2-1
This affects Debian versions since 5.7.3p2 (released upstream 2016-02-02).
Quoting from the advisory:
This vulnerability, an out-of-bounds read introduced in December 2015 (commit 80c6a60c, "when peer outputs a multi-line response ..."), is exploitable remo

Bug#952453: arbitrary command execution vulnerability

2020-02-24 Thread Ryan Kavanagh
Package: opensmtpd
Version: 6.6.2p1-1
Severity: critical
Tags: upstream
OpenBSD 6.6 errata 021, February 24, 2020: An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smt