Red Security

Red Security > General > News > OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems
Full Version: OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Mr.Kurd

03-02-2020, 08:40 PM
In The Name OF Allah
Al-Salam Alekum

[Image: d6a9ca00-fff6-11e9-925f-6054b81d7d80-800x445.jpeg]

Hello Guys, if you are using this email Server, it is time to update....

Quote:Researchers from Qualys have discovered a serious vulnerability in the OpenSMTPD email server. As elaborated in their advisory, the vulnerability, CVE-2020-8794, could allow a remote attacker to execute code on the target system.

In brief, the flaw exists on the client-side code that is responsible for delivering emails. Hence, the bug could allow exploitation in two different scenarios: the client-side in the default configuration, or the server-side where the attacker should send an email that creates a bounce. Then, reconnecting again with the server in an attempt to deliver the bounce would let the attacker exploit the client-side vulnerability.


The Source
Wa Salam Alekum
Red Security > General > News > OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems