Описание
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 6.0.3p1-1ubuntu0.2 |
| devel | released | 6.6.4p1-1 |
| eoan | released | 6.0.3p1-6ubuntu0.2 |
| esm-apps/bionic | released | 6.0.3p1-1ubuntu0.2 |
| esm-apps/focal | released | 6.6.4p1-1 |
| esm-apps/jammy | released | 6.6.4p1-1 |
| esm-apps/noble | released | 6.6.4p1-1 |
| esm-apps/xenial | released | 5.7.3p2-1ubuntu0.1~esm2 |
| esm-infra-legacy/trusty | needed | |
| focal | released | 6.6.4p1-1 |
Показывать по
EPSS
4.7 Medium
CVSS2
4.7 Medium
CVSS3
Связанные уязвимости
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g ...
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
EPSS
4.7 Medium
CVSS2
4.7 Medium
CVSS3