CVE-2020-8793

MEDIUM

OpenSMTPD <6.6.4 - Info Disclosure

Description

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.

Exploits (1)

exploitdb WORKING POC
by Qualys Corporation · c · remote · linux
https://www.exploit-db.com/exploits/48139

Scores

CVSS v3 4.7
EPSS 0.0079
EPSS Percentile 73.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-367, CWE-426
Status published
Products (4)
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.10
fedoraproject/fedora 32
opensmtpd/opensmtpd < 6.6.4
Published Feb 25, 2020
Tracked Since Feb 18, 2026