USN-4268-1: OpenSMTPD vulnerability
5 February 2020
OpenSMTPD could be made to run programs as root if it received specially crafted input over the network.
- opensmtpd - secure, reliable, lean, and easy-to configure SMTP server
It was discovered that OpenSMTPD incorrectly verified the sender's or
receiver's e-mail addresses under certain conditions. An attacker could use
this vulnerability to execute arbitrary commands as root.