3 matches found
The vulnerability in the implementation of the mta_io function (mta_session.c) of the mail daemon OpenSMTPD allows a hacker to execute arbitrary code.
The vulnerability in the implementation of the mtaio function mtasession.c in the mail daemon OpenSMTPD is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Remote Code Execution
OpenSMTPD is vulnerable to remote code execution. An out-of-bounds read in mtaio in mtasession.c for multi-line replies allows an attacker to execute arbitrary code on the server during bounce handling...
DEBIAN-CVE-2020-8794
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...