Summary: Recently there was a discovery of vulnerabaility tracked as (CVE-2020-7247) in OpenSMTPD, OpenBSD’s mail server. This vulnerability was exploitable since May 2018 (commit a8e222352f, “switch smtpd to new grammar”) that allows an attacker to execute arbitrary shell commands, as root: >> either locally, in OpenSMTPD’s default configuration (that listens on loopback interface and only … Continue reading “OpenBSD OpenSMTPD Remote Command Execution Vulnerability (CVE-2020-7247)”
Tag: OpenBSD
OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726
Summary: Qualys researchers discovered a local privilege escalation vulnerability in OpenBSD’s dynamic loader (ld.so): this vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges to attackers who has a low privilege on the system. Vulnerability: In OpenBSD with a low memory conditions, “_dl_split_path” function … Continue reading “OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726”
OpenBSD Authentication Bypass Vulnerability
Summary: Qualys researchers discovered an authentication-bypass vulnerability (CVE-2019-19521) in OpenBSD’s authentication system. An attacker can exploit this issue by sending a specially-crafted username to bypass OpenBSD’s authentication. This vulnerability is remotely exploitable. Vulnerability: OpenBSD uses BSD Authentication, which is made up of a variety of authentication styles. The vulnerability is composed of 2 following … Continue reading “OpenBSD Authentication Bypass Vulnerability”