Add OpenSMTPD CVE-2020-8794 LPE exploit #13003
I'll see what I can do once the existing to-dos are finished. It may be desirable for CVE-2020-7247, too. Note that since this is a local exploit, TLS would be on the connect back to the fake SMTP server. The
Also fix copypasta'd vulnerable commit.
If we add TLS support, it'll be in a subsequent PR. This bucket is full.
Tested against OpenSMTPD
Release Notes
This adds a local exploit module for an out-of-bounds read vulnerability in OpenSMTPD for versions <
Thanks so much, @space-r7! I hope it didn't take up much of your time.
OpenSMTPD 6.6.0 on OpenBSD 6.6
OpenSMTPD 6.0.4 on OpenBSD 6.3
#12889