CVE-2020-7247: OpenSMTPD Remote Command Execution Vulnerability Alert

OpenSMTPD 6.6.2p1 was released recently to address a security vulnerability, tracked as CVE-2020-7247. The flaw stems from insufficient validation of sender and recipient addresses in OpenSMTPD's implementation of RFC 5321.

OpenSMTPD is an SMTP server for Unix operating systems (BSD, macOS, GNU/Linux) that implements the SMTP protocol as specified in RFC 5321.

OpenSMTPD was originally developed for the OpenBSD operating system. Because it is open source, it has been ported to other Unix platforms.

OpenSMTPD is part of the OpenBSD project and is released under the ISC license, so the software is free for everyone to use and reuse.

We believe that the vulnerability is medium risk and that its impact is limited. Experts say:

  • "Nevertheless, our ability to execute arbitrary shell commands is limited by the local part of the sender's address:
  • although OpenSMTPD does not restrict it the way RFC 5321 does, the maximum length of the local part is 64 characters;
  • MAILADDR_ESCAPE characters (for example, "$" and "|") are converted to ":" characters. To overcome these limitations, we drew inspiration from the Morris worm (https://spaf.cerias.purdue.edu/tech-reps/823.pdf), which executed the body of a mail as a shell script by exploiting the Sendmail debug vulnerability."

Nevertheless, the vulnerability is exploitable under OpenSMTPD's default configuration. To guard against it, service owners and operations staff should promptly check whether their systems are affected and upgrade to 6.6.2p1.
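As an added example for such a self-check (this is not code from OpenSMTPD, from the researchers, or from the original article), the Python script below triages sender addresses pulled from mail server log lines. It applies the check the advisory says was missing: the local part must be an RFC 5321 Dot-string of at most 64 octets. It also flags shell metacharacters, because legal atext includes "$" and "|", so a syntactically valid address can still be dangerous wherever an address is handed to a shell unescaped. The log line layout and the sample lines are constructed for this example and modelled on OpenSMTPD 6.6-era "smtp message" records; they are an assumption, not captured traffic.

```python
from __future__ import annotations
import re

# RFC 5321 s.4.1.2: Local-part = Dot-string / Quoted-string;
# Dot-string = Atom *("." Atom); Atom = 1*atext (atext from RFC 5322 s.3.2.3).
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]"
DOT_STRING = re.compile(rf"^{ATEXT}+(?:\.{ATEXT}+)*$")
# RFC 5321 s.4.5.3.1.1: a local-part is at most 64 octets.
MAX_LOCAL_PART = 64
# Characters a POSIX shell interprets. '$', '|' and '`' are also legal atext,
# so a valid address can still be dangerous if it ever reaches a shell
# unescaped; validation alone does not remove the need for escaping.
SHELL_META = set(";|&$`()<>\n")

# Sender address as logged: from=<reverse-path>. The surrounding line layout
# in SAMPLE_LOG is an assumption modelled on OpenSMTPD 6.6-era maillog output.
FROM_RE = re.compile(r"\bfrom=<([^>]*)>")


def check_local_part(local: str) -> list[str]:
    """Return the reasons a local part deserves a second look (empty if none)."""
    reasons: list[str] = []
    if not local:
        return reasons  # an empty reverse-path (bounce) is legal
    if len(local.encode("utf-8")) > MAX_LOCAL_PART:
        reasons.append("local part longer than 64 octets")
    if len(local) >= 2 and local.startswith('"') and local.endswith('"'):
        reasons.append("quoted-string local part")  # legal but unusual in practice
    elif not DOT_STRING.match(local):
        reasons.append("not an RFC 5321 Dot-string")
    meta = sorted(set(local) & SHELL_META)
    if meta:
        reasons.append(f"shell metacharacters {meta}")
    return reasons


def split_address(addr: str) -> tuple[str, str]:
    """Split on the last '@'; a quoted local part may itself contain '@'."""
    local, sep, domain = addr.rpartition("@")
    if not sep:
        return addr, ""  # bare local part, no domain given
    return local, domain


def triage(lines: list[str]) -> list[tuple[str, list[str]]]:
    """Collect (sender, reasons) for every logged sender that fails a check."""
    findings = []
    for line in lines:
        m = FROM_RE.search(line)
        if not m:
            continue
        sender = m.group(1)
        local, _domain = split_address(sender)
        reasons = check_local_part(local)
        if reasons:
            findings.append((sender, reasons))
    return findings


# Constructed sample lines (made up for this example; not real traffic).
SAMPLE_LOG = [
    "9d5c1f2a4b3e smtp message address=192.0.2.10 host=mail.example.net "
    "msgid=6f1a2b3c from=<alice@example.net> to=<root@localhost> size=512 ndest=1 proto=ESMTP",
    "9d5c1f2a4b3f smtp message address=192.0.2.11 host=relay.example.org "
    "msgid=6f1a2b3d from=<bob.smith+tag@example.org> to=<root@localhost> size=640 ndest=1 proto=ESMTP",
    "9d5c1f2a4b40 smtp message address=198.51.100.7 host=198.51.100.7 "
    "msgid=6f1a2b3e from=<bad;name@localhost> to=<root@localhost> size=300 ndest=1 proto=ESMTP",
    "9d5c1f2a4b41 smtp message address=198.51.100.8 host=198.51.100.8 "
    "msgid=6f1a2b3f from=<budget$report@example.com> to=<root@localhost> size=310 ndest=1 proto=ESMTP",
    "9d5c1f2a4b42 smtp message address=198.51.100.9 host=198.51.100.9 "
    "msgid=6f1a2b40 from=<" + "a" * 70 + "@example.com> to=<root@localhost> size=400 ndest=1 proto=ESMTP",
    "9d5c1f2a4b43 smtp message address=192.0.2.12 host=mta.example.com "
    "msgid=6f1a2b41 from=<> to=<postmaster@localhost> size=900 ndest=1 proto=ESMTP",
]

if __name__ == "__main__":
    for sender, reasons in triage(SAMPLE_LOG):
        print(f"{sender!r}: {'; '.join(reasons)}")
```

Run against a real maillog, a hit on "not an RFC 5321 Dot-string" on a server that was still running a pre-6.6.2p1 build is exactly the kind of sender the fixed validation now rejects and is worth investigating; a hit on shell metacharacters alone is a reminder that escaping at the point of use, not input validation, is what keeps such addresses out of a command line.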

Source: www.linuxidc.com/Linux/2020-02/162198.htm