oss-sec mailing list archives
CVE request: OpenSMTPD 5.7.2
From: Kristian Fiskerstrand <kristian.fiskerstrand () sumptuouscapital com>
Date: Fri, 2 Oct 2015 15:11:06 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear all, OpenSMTPd announced version 5.7.2 today[0] listing the following issues, if CVEs have not been requested for these issues already, might some be assigned, please? Issues fixed in this release (since 5.7.1): =========================================== - - an oversight in the portable version of fgetln() that allows attackers to read and write out-of-bounds memory; - - multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD; - - a stack-based buffer overflow that allows local users to crash OpenSMTPD, or execute arbitrary code as the non-chrooted _smtpd user; - - a hardlink attack (or race-conditioned symlink attack) that allows local users to unset the chflags() of arbitrary files; - - a hardlink attack that allows local users to read the first line of arbitrary files (for example, root's hash from /etc/master.passwd); - - a denial-of-service vulnerability that allows remote attackers to fill OpenSMTPD's queue or mailbox hard-disk partition; - - an out-of-bounds memory read that allows remote attackers to crash OpenSMTPD, or leak information and defeat the ASLR protection; - - a use-after-free vulnerability that allows remote attackers to crash OpenSMTPD, or execute arbitrary code as the non-chrooted _smtpd user; References: [0] https://www.opensmtpd.org/announces/release-5.7.2.txt - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- "Excellence is not a singular act but a habit. You are what you do repeatedly." (Shaquille O'Neal) -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJWDoJmAAoJECULev7WN52FwIUIAJFWaOhKmNNJ8Pj0dqf96kIx sn4oZG/iD8oJn/KjNDoAVCilujxJ7NV8gWMzNqHRVUwGkEcfAmkfmfJjsKpr24ZE m9fWP82k36WPaLl9kM4arL2PeWEDEooOpjiAgE5Jj+pfoONU4MU9yDTeAmsSx5Zt UC0dZILlTBNFGg7Dxl9wzZhkTlgTq5ukx9j+5LKUzF3QlOixj0+uqOqxX+iz+Cny 3kDDmvEYA/79kIMpnao609ntrWg3NCRTFm6EK38XidncI+NqYSF2Vt3TBcm8Beqg GicW+itboy3305PFXWrZOJSg7/wxG7wJnw9NWZj2Dz2buCJ1sRir8KUaecqQpqA= =7++X -----END PGP SIGNATURE-----
Current thread:
- CVE request: OpenSMTPD 5.7.2 Kristian Fiskerstrand (Oct 02)