On Wed, Apr 08, 2020, Kevin Chadwick wrote:
> OpenSMTPD does not listen to the internet, by default and even if you do set it
From: Qualys Security Advisory <qsa@qualys.com>
To: oss-security@lists.openwall.com
Message-ID: <20200224184538.GF17396@localhost.localdomain>
- Client-side exploitation: This vulnerability is remotely exploitable
in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Is it hard to write a secure mail server, sure. Look at exims bugs.
[Is that like saying:
"Is it hard to write a secure OS, sure. Look at Linux bugs."?
]
How about qmail (or postfix)? (and some other barely known MTA)
--
Address is valid for this mailing list only, please do not reply
to it direcly, but to the list.
No comments:
Post a Comment