|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2020-01-29 16:08:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Unpleasant vulnerability in OpenSMTPD
Qualys has put out an advisory regarding a vulnerability in OpenBSD's
OpenSMTPD mail server. It "allows an attacker to execute arbitrary shell
commands, as root: either locally, in OpenSMTPD's default configuration (which listens on
the loopback interface and only accepts mail from localhost);
or locally and remotely, in OpenSMTPD's 'uncommented' default
configuration (which listens on all interfaces and accepts external
mail)." OpenBSD users would be well advised to update quickly.
Qualys has put out an advisory regarding a vulnerability in OpenBSD's
OpenSMTPD mail server. It "allows an attacker to execute arbitrary shell
commands, as root: either locally, in OpenSMTPD's default configuration (which listens on
the loopback interface and only accepts mail from localhost);
or locally and remotely, in OpenSMTPD's 'uncommented' default
configuration (which listens on all interfaces and accepts external
mail)." OpenBSD users would be well advised to update quickly.
