CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
opensmtpdopensmtpd
𝑥
< 6.6.4
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
opensmtpd
bullseye
6.8.0p2-3
fixed
bookworm
6.8.0p2-4
fixed
sid
7.5.0p0-1
fixed
trixie
7.5.0p0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
opensmtpd
noble
Fixed 6.6.4p1-1
released
mantic
Fixed 6.6.4p1-1
released
lunar
Fixed 6.6.4p1-1
released
kinetic
Fixed 6.6.4p1-1
released
jammy
Fixed 6.6.4p1-1
released
impish
Fixed 6.6.4p1-1
released
hirsute
Fixed 6.6.4p1-1
released
groovy
Fixed 6.6.4p1-1
released
focal
Fixed 6.6.4p1-1
released
eoan
Fixed 6.0.3p1-6ubuntu0.2
released
bionic
Fixed 6.0.3p1-1ubuntu0.2
released
xenial
Fixed 5.7.3p2-1ubuntu0.1~esm2
released
trusty
needed
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2020/Feb/28
http://www.openwall.com/lists/oss-security/2020/02/24/4
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPH4QU4DNVHA7ACFXMYFCEP5PSXXPN4E/
https://usn.ubuntu.com/4294-1/
https://www.openbsd.org/security.html
http://seclists.org/fulldisclosure/2020/Feb/28
http://www.openwall.com/lists/oss-security/2020/02/24/4
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPH4QU4DNVHA7ACFXMYFCEP5PSXXPN4E/
https://usn.ubuntu.com/4294-1/
https://www.openbsd.org/security.html