Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-8794 CVE-2020-8793

Several security issues were fixed in opensmtpd.

It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. (CVE-2020-8794)

Source

2 March 2020

OpenSMTPD vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 19.10
Ubuntu 18.04 LTS

Summary

Several security issues were fixed in opensmtpd.

Software Description

opensmtpd - secure, reliable, lean, and easy-to configure SMTP server

Details

It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. (CVE-2020-8794)

It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem. (CVE-2020-8793)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.10: opensmtpd - 6.0.3p1-6ubuntu0.2
Ubuntu 18.04 LTS: opensmtpd - 6.0.3p1-1ubuntu0.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

OpenSMTPD vulnerabilities

OpenSMTPD vulnerabilities

Summary

Software Description

Details

Update instructions

References

Vulmon Search

About

Products

Connect