OpenSMTPD 6.6.4 Patch 1

CPE Details

OpenSMTPD 6.6.4 Patch 1
6.6.4
2020-03-30
11h00 +00:00
2020-03-30
11h00 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:opensmtpd:opensmtpd:6.6.4:p1:*:*:*:*:*:*

Informations

Vendor

opensmtpd

Product

opensmtpd

Version

6.6.4

Update

p1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-29323 2023-04-03 22h00 +00:00 ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
7.8
High
CVE-2020-35679 2020-12-24 14h53 +00:00 smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.
7.5
High
CVE-2020-35680 2020-12-24 14h53 +00:00 smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.
7.5
High