opensmtpd - Arch Linux

issues
advisories
todo
stats
log
login

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-1105	6.6.3p1-1	6.6.4p1-1	Critical	Fixed
AVG-1090	6.6.1p1-1	6.6.2p1-1	Critical	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2020-8794	AVG-1105	Critical	Yes	Arbitrary command execution	An out-of-bounds read vulnerability has been found in the client-side code of OpenSMTPD <= 6.6.3p1, leading to arbitrary command execution via a crafted...
CVE-2020-7247	AVG-1090	Critical	Yes	Arbitrary command execution	smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root...

Issue

Group

Severity

Remote

Type

Description

CVE-2020-8794

AVG-1105

Critical

Yes

Arbitrary command execution

An out-of-bounds read vulnerability has been found in the client-side code of OpenSMTPD <= 6.6.3p1, leading to arbitrary command execution via a crafted...

CVE-2020-7247

AVG-1090

Critical

Yes

Arbitrary command execution

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root...

Advisories

Date	Advisory	Group	Severity	Description
29 Feb 2020	ASA-202002-13	AVG-1105	Critical	arbitrary command execution
29 Jan 2020	ASA-202001-6	AVG-1090	Critical	arbitrary command execution