FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSMTPD -- multiple vulnerabilities

Affected packages
opensmtpd < 5.7.3,1

Details

VuXML ID 42852f72-6bd3-11e5-9909-002590263bf5
Discovery 2015-10-04
Entry 2015-10-06

OpenSMTPD developers report:

fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda

fix remote buffer overflow in unprivileged pony process

reworked offline enqueue to better protect against hardlink attacks

[source]

References

URL http://www.openwall.com/lists/oss-security/2015/10/04/2
URL https://www.opensmtpd.org/announces/release-5.7.3.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.