CVE-2020-7247

Priority
Description
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6
and other products, allows remote attackers to execute arbitrary commands
as root via a crafted SMTP session, as demonstrated by shell metacharacters
in a MAIL FROM field. This affects the "uncommented" default configuration.
The issue exists because of an incorrect return value upon failure of input
validation.
Ubuntu-Description
It was discovered that OpenSMTPD incorrectly verified the sender's or
receiver's e-mail addresses under certain conditions. An attacker could use
this vulnerability to execute arbitrary commands as root.
Notes
Package
Upstream: released (6.6.2p1-1)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 ESM (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): needed
Ubuntu 18.04 LTS (Bionic Beaver): released (6.0.3p1-1ubuntu0.1)
Ubuntu 19.10 (Eoan Ermine): released (6.0.3p1-6ubuntu0.1)
Ubuntu 20.04 (Focal Fossa): not-affected (6.6.2p1-1)
Patches:
Upstream: https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45
More Information

Updated: 2020-02-05 15:14:21 UTC (commit 464f6be22dadcb3775e2f28f6ed97cc998a582eb)