OpenSMTPD

OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-8794) Threat Alert

March 18, 2020

Overview

On February 24, local time, researchers from Qualys disclosed a remote code execution vulnerability (CVE-2020-8794) in OpenSMTPD.

OpenSMTPD, part of the OpenBSD project and also known as OpenBSD’s mail server, is a free implementation of the server-side SMTP protocol as defined by RFC 5321.

CVE-2020-8794 is an out-of-bounds read vulnerability. Attackers could exploit this vulnerability to inject arbitrary commands into the envelope file that are then executed as root.

According to the researchers, they developed a simple exploit for this vulnerability and successfully tested it against OpenBSD 6.6, OpenBSD 5.9, Debian 10 (stable), Debian 11 (testing), and Fedora 31.

Reference:

https://www.openwall.com/lists/oss-security/2020/02/24/5
