Openbsd: >> Opensmtpd >> 5.3.1 Security Vulnerabilities
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
CVSS Score
9.8
EPSS Score
0.101
Published
2017-10-16
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
CVSS Score
5.0
EPSS Score
0.016
Published
2014-05-27