smtpd/lka_filter.c in OpenSMTPD prior to 6.8.0p1, in certain configurations, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensmtpd opensmtpd 6.8.0 |
||
opensmtpd opensmtpd |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |