OpenSMTPD Out-Of-Bounds Read / Local Privilege Escalation
Posted on 05 March 2020
This Metasploit module exploits an out-of-bounds read of an attacker-controlled string in OpenSMTPD's MTA implementation to execute a command as the root or nobody user, depending on the kind of grammar OpenSMTPD uses.