Major vulnerabilities in opensmtpd resulting in RCE and DoS
Bug #1861242 reported by Ryan Kavanagh
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
opensmtpd (Debian) | Fix Released | Unknown | |
opensmtpd (Ubuntu) | Fix Released | Critical | Unassigned |
Bionic | Fix Released | Critical | Unassigned |
Eoan | Fix Released | Critical | Unassigned |
Bug Description
opensmtpd versions >= 6 have two vulnerabilities:
An incorrect check allows an attacker to trick mbox delivery into executing
arbitrary commands as root and lmtp delivery into executing arbitrary commands
as an unprivileged user.
smtpd can crash on opportunistic TLS downgrade, causing a denial of service.
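The first vulnerability is a validation bug, not a parsing one: the sender address check rejected a malformed local part, but a fallback branch for addresses with no domain ("local user") returned success without re-validating that local part, so a string containing shell metacharacters such as `;` reached delivery, where the mbox and lmtp paths hand it to a command. The following is an added example written for this page, not OpenSMTPD's code: a simplified model of that check, with the vulnerable shape beside a hardened one, in which the domainless fallback only accepts the address when the local part itself passed validation. The helper names, the character set accepted as a local part, and the sample addresses are constructed for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of an SMTP local-part check: alphanumerics plus the
 * RFC 5321 atext punctuation. Note that ';' and whitespace are rejected. */
static int valid_localpart(const char *s)
{
    if (*s == '\0')
        return 0;
    for (; *s; s++) {
        if (isalnum((unsigned char)*s))
            continue;
        if (strchr("!#$%&'*+-/=?^_`{|}~.", *s))
            continue;
        return 0;
    }
    return 1;
}

/* Constructed model of a domain-part check: labels of alnum, '-' and '.'. */
static int valid_domainpart(const char *s)
{
    if (*s == '\0')
        return 0;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && *s != '-' && *s != '.')
            return 0;
    return 1;
}

/* Split "user@domain" into its parts; without '@' the domain is empty. */
static void split_addr(const char *in, char *user, size_t ulen,
                       char *domain, size_t dlen)
{
    const char *at = strrchr(in, '@');
    if (at != NULL) {
        size_t n = (size_t)(at - in);
        if (n >= ulen)
            n = ulen - 1;
        memcpy(user, in, n);
        user[n] = '\0';
        snprintf(domain, dlen, "%s", at + 1);
    } else {
        snprintf(user, ulen, "%s", in);
        domain[0] = '\0';
    }
}

/* Vulnerable shape: when validation fails, a non-empty user with no domain
 * is still accepted as a local user, so the rejected local part is passed
 * on unchanged. mailfrom==1 allows the empty return-path needed for bounces. */
static int check_vulnerable(const char *addr, int mailfrom)
{
    char user[256], domain[256];
    split_addr(addr, user, sizeof user, domain, sizeof domain);
    if (valid_localpart(user) && valid_domainpart(domain))
        return 1;
    if (mailfrom && user[0] == '\0' && domain[0] == '\0')
        return 1;               /* empty return-path: <> */
    if (user[0] == '\0')
        return 0;               /* no user part at all */
    if (domain[0] == '\0')
        return 1;               /* BUG: local part never re-validated */
    return 0;
}

/* Hardened shape: the domainless fallback applies only when the local part
 * on its own passes validation; everything else is rejected. */
static int check_fixed(const char *addr, int mailfrom)
{
    char user[256], domain[256];
    split_addr(addr, user, sizeof user, domain, sizeof domain);
    if (valid_localpart(user) && valid_domainpart(domain))
        return 1;
    if (mailfrom && user[0] == '\0' && domain[0] == '\0')
        return 1;
    if (user[0] == '\0')
        return 0;
    if (domain[0] == '\0' && valid_localpart(user))
        return 1;               /* genuine local user, domain filled later */
    return 0;
}

int main(void)
{
    /* Constructed sample sender addresses, as they would appear inside <> */
    const char *samples[] = { "alice@example.org", "alice", ";id;", "" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s vulnerable=%d fixed=%d\n", samples[i],
               check_vulnerable(samples[i], 1), check_fixed(samples[i], 1));
    return 0;
}
```

The difference shows up only on the third sample: both variants accept a normal address, a bare local user and the empty MAIL FROM, but the vulnerable check also accepts `;id;` because it has no domain, which is exactly the input the validation was supposed to stop.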
CVE References
Changed in opensmtpd (Debian): status: Unknown → Confirmed
Changed in opensmtpd (Debian): status: Confirmed → Fix Released
Changed in opensmtpd (Ubuntu Bionic): status: Confirmed → Fix Released
Changed in opensmtpd (Ubuntu Eoan): status: Confirmed → Fix Released
Ubuntu focal has 6.6.2p1-1 now as a result of an auto-sync from Debian. I've opened tasks for other series that have versions >= 6.