CVE-2020-8794
critical-risk
Published 2020-02-25
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce handling.
Do I need to act?
!
88.1% chance of exploitation in next 30 days
EPSS score — higher than 12% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 555d2121736acdd70453b24b94c8c2996d9ab5f9
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (7)
Affected Vendors
References (22)
Mailing List
http://seclists.org/fulldisclosure/2020/Feb/32
Third Party Advisory
https://www.debian.org/security/2020/dsa-4634
Third Party Advisory
https://www.openbsd.org/security.html
Mailing List
http://seclists.org/fulldisclosure/2020/Feb/32
Third Party Advisory
https://www.debian.org/security/2020/dsa-4634
and 2 more references
73
/ 100
critical-risk
Severity
32/34 · Critical
Exploitability
27/34 · High
Exposure
14/34 · Moderate