Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands on the underlying system as root. “We developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release) and Debian testing (Bullseye); other versions and distributions may be exploitable,” they noted in the accompanying security advisory. What is OpenSMTPD? OpenSMTPD is an open source implementation of the Simple … More
The post Critical RCE flaw in OpenSMTPD, patch available appeared first on Help Net Security.
Advertise on IT Security News.
Read the complete article: Critical RCE flaw in OpenSMTPD, patch available