FS#65322 - [opensmtpd] CVE-2020-7247 remote command execution
Attached to Project: Community Packages
Opened by loqs (loqs) - Wednesday, 29 January 2020, 22:18 GMT
Last edited by Levente Polyak (anthraxx) - Wednesday, 29 January 2020, 23:57 GMT
Details
Description:
smtp_mailaddr in smtp_session.c in opensmtpd 6.6.2 allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.

[1] is the fix in OpenSMTPD.
[2] is the fix in the OpenSMTPD portable release.

Additional info:
* opensmtpd 6.6.2p1-1
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7247
* [1] https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45
* [2] https://github.com/OpenSMTPD/OpenSMTPD/commit/2afab2297347342f81fa31a75bbbf7dbee614fda

Steps to reproduce:
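The report's one-line root cause ("an incorrect return value upon failure of input validation") is easy to misread, so here is an added, constructed model of the bug class in C. It is not OpenSMTPD's smtp_mailaddr() and not the reporter's code; the real function and the real fix are in the two commits linked above. The allowed-character alphabets, the helper names (only_chars, split_addr, mailfrom_ok, accept_mailfrom), the default domain "mail.example" and the sample addresses are all assumptions made for this example. The `fixed` flag switches between the flawed shape (the combined check fails, but the "local part only, no domain" branch still returns success without re-validating the local part) and the corrected one.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model of MAIL FROM address validation, written for this bug
 * entry. NOT OpenSMTPD's smtp_mailaddr(); see the linked upstream commits
 * for the real code and fix. Only the shape of the reported defect is kept:
 * a validator whose failure path returns success for one sub-case.
 */

#define MAXLOCAL  64
#define MAXDOMAIN 255

/* Assumed alphabets: a conservative subset of RFC 5321 atext for the local
 * part, letters/digits/'.'/'-' for the domain. Shell metacharacters
 * (';', '|', '$', '`', space, ...) are outside both on purpose. */
#define LOCAL_CHARS  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-+="
#define DOMAIN_CHARS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"

struct addr {
	char user[MAXLOCAL + 1];
	char domain[MAXDOMAIN + 1];
};

/* True if s is non-empty and made only of characters from allowed. */
static bool
only_chars(const char *s, const char *allowed)
{
	if (*s == '\0')
		return false;
	for (; *s != '\0'; s++)
		if (strchr(allowed, *s) == NULL)
			return false;
	return true;
}

/* Split "user@domain" (angle brackets already stripped) into its parts;
 * false if either part would overflow its buffer. */
static bool
split_addr(struct addr *a, const char *text)
{
	const char *at = strrchr(text, '@');
	size_t ulen = at != NULL ? (size_t)(at - text) : strlen(text);
	const char *dom = at != NULL ? at + 1 : "";

	if (ulen > MAXLOCAL || strlen(dom) > MAXDOMAIN)
		return false;
	memcpy(a->user, text, ulen);
	a->user[ulen] = '\0';
	memcpy(a->domain, dom, strlen(dom) + 1);
	return true;
}

/*
 * Validate a MAIL FROM address, filling in a default domain for local users.
 * fixed == false mirrors the defect class the report describes: once the
 * combined check has failed, the "no domain, local user" branch returns
 * success without re-checking the local part, so an address like <;id;>
 * is accepted with its metacharacters intact. fixed == true validates first.
 */
static bool
mailfrom_ok(struct addr *a, const char *text, const char *localdomain, bool fixed)
{
	if (!split_addr(a, text))
		return false;

	if (only_chars(a->user, LOCAL_CHARS) && only_chars(a->domain, DOMAIN_CHARS))
		return true;

	/* empty reverse-path <> is legitimate: bounces use it */
	if (a->user[0] == '\0' && a->domain[0] == '\0')
		return true;

	/* domain but no local part: reject */
	if (a->user[0] == '\0')
		return false;

	/* local part but no domain: treat as a local user */
	if (a->domain[0] == '\0') {
		if (fixed && !only_chars(a->user, LOCAL_CHARS))
			return false;	/* the check the flawed path lacks */
		snprintf(a->domain, sizeof(a->domain), "%s", localdomain);
		return true;
	}

	/* both parts present, at least one of them invalid */
	return false;
}

/* Does the validator accept this address? Assumed default domain. */
bool
accept_mailfrom(const char *text, bool fixed)
{
	struct addr a;

	return mailfrom_ok(&a, text, "mail.example", fixed);
}

int
main(void)
{
	/* constructed samples; ";id;" stands in for any metacharacter-laden local part */
	static const char *samples[] = { "alice@example.org", "", "alice", ";id;", ";id;@example.org", NULL };
	int i;

	for (i = 0; samples[i] != NULL; i++)
		printf("<%s>  flawed:%s  fixed:%s\n", samples[i],
		    accept_mailfrom(samples[i], false) ? "accept" : "reject",
		    accept_mailfrom(samples[i], true) ? "accept" : "reject");
	return 0;
}
```

The point to take from the model: the flawed and fixed validators agree on every well-formed address, on the empty bounce address and on a metacharacter local part that carries a domain; they differ only on the domain-less sub-case, which is why a plain "valid addresses still work" test does not catch this class of bug. A negative test per branch of the failure path does.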
Closed by Levente Polyak (anthraxx)
Wednesday, 29 January 2020, 23:57 GMT
Reason for closing: Fixed
Additional comments about closing: 6.6.2p1-1
Thanks for the report!!