256 matches found
CVE-2023-29323
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
Code injection
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
UBUNTU-CVE-2023-29323
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
OpenBSD 安全漏洞
OpenBSD is a cross-platform, BSD-based, UNIX-like operating system from the Canadian OpenBSD project team. A security vulnerability exists in OpenBSD versions prior to 7.1 errata 024, prior to 7.2 errata 020, and OpenSMTPD 7.0.0-portable, which stems from a security issue with asciiloadsockaddr i...
PT-2023-22230 · Unknown +2 · Opensmtpd Portable +2
Name of the Vulnerable Software and Affected Versions: OpenBSD versions prior to 7.1 errata 024 OpenBSD versions prior to 7.2 errata 020 OpenSMTPD Portable versions prior to 7.0.0-portable commit f748277 Description: The issue can cause ascii load sockaddr in smtpd to abort upon a connection from...
CVE-2023-29323
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
CVE-2023-29323
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
CVE-2023-29323
The CVE-2023-29323 entry affects OpenBSD smtpd (OpenBSD before 7.1 errata 024 and 7.2 before errata 020) and OpenSMTPD Portable before the patched commit f748277 (OpenSMTPD portable), where ascii_load_sockaddr can abort on a connection from a local, scoped IPv6 address. This is a local attack wit...
CVE-2023-29323
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...
K34931053: OpenSMTPD vulnerability CVE-2020-7247
Security Advisory Description smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the...
SUSE CVE-2015-7687
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service crash or execute arbitrary code via vectors involving reqcavrfysmtp and reqcavrfymta...
SUSE CVE-2020-7247
smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...
SUSE CVE-2020-35679
smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups...
SUSE CVE-2020-35680
smtpd/lkafilter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between th...
Ubuntu: Security Advisory (USN-4875-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-8793
OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...
VulnCheck KEV: CVE-2020-7247
smtpmailaddr in smtpsession.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session...
OpenSMTPD Remote Code Execution Vulnerability
smtpmailaddr in smtpsession.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session...
Exploit for Improper Handling of Exceptional Conditions in Openbsd Opensmtpd
CVE 2020-7247 PoC exploit for Op...
GLSA-202105-12 : OpenSMTPD: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202105-12 OpenSMTPD: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenSMTPD. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by connecting to the SMTP listen...