OpenSMTPD version 6.6.2 remote code execution exploit.
Gentoo Linux Security Advisory 202105-12 - Multiple vulnerabilities have been found in OpenSMTPD, the worst of which could result in a Denial of Service condition. Versions less than 6.8.0_p2 are affected.
This Metasploit module exploits an out-of-bounds read of an attacker-controlled string in OpenSMTPD's MTA implementation to execute a command as the root or nobody user, depending on the kind of grammar OpenSMTPD uses.
Ubuntu Security Notice 4294-1 - It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem.
Debian Linux Security Advisory 4634-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of SMTP commands, which could result in local privilege escalation or the execution of arbitrary code.
Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability, an out-of-bounds read introduced in December 2015, is exploitable remotely and leads to the execution of arbitrary shell commands.
Qualys discovered a minor vulnerability in OpenSMTPD, OpenBSD's mail server. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem). A proof of concept exploit is included in this archive.
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell meta-characters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.
Ubuntu Security Notice 4268-1 - It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.
Debian Linux Security Advisory 4611-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses, which could result in the execution of arbitrary commands as root. In addition, this update fixes a denial of service by triggering an opportunistic TLS downgrade.
Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.
Gentoo Linux Security Advisory 201601-4 - Multiple vulnerabilities have been found in OpenSMTPD, the worst allowing remote attackers to execute arbitrary code. Versions less than 5.7.3_p1 are affected.
Qualys discovered various vulnerabilities in OpenSMTPD. These include, but are not limited to, denial of service, buffer overflow, hardlink attack and use-after-free vulnerabilities.