Full title: OpenBSD OpenSMTPD Privilege Escalation / Code Execution Vulnerabilities 
Category: local exploits
Platform: openbsd
Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.

# 0day.today @ http://0day.today/