'This week a remotely-exploitable vulnerability (granting root
privileges) was discovered in OpenSMTPD (OpenBSD's implementation of
ZDNet notes that the library's "portable" version "has also been
incorporated into other OSes, such as FreeBSD, NetBSD, and some Linux
distros, such as Debian, Fedora, Alpine Linux, and more."
To exploit this issue, an attacker must craft and send malformed SMTP
messages to a vulnerable server... OpenSMTPD developers have confirmed
the vulnerability and released a patch earlier Wednesday -- OpenSMTPD
The good news is that the bug was introduced in the OpenSMTPD code in
May 2018 and that many distros may still use older library versions,
not affected by this issue. For example, only in-dev Debian releases
are affected by this issue, but not Debian stable branches, which ship
with older OpenSMTPD versions.
Technical details and proof of concept exploit code are available in
the Qualys CVE-2020-7247 security advisory.
Hackaday has a more detailed description of the vulnerability, while
the Register looks at the buggy C code.
Interestingly, Qualys researchers exploited this vulnerability using a
technique from the Morris Worm of 1988.'
-- source: https://it.slashdot.org/story/20/02/01/2254237
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174