OpenSMTPD Vulnerability Leads to Command Injection

An update released this week for the OpenSMTPD mail server addresses an out-of-bounds read vulnerability that could lead to arbitrary command execution.

OpenSMTPD is the open source implementation of the Simple Mail Transfer Protocol (SMTP) in OpenBSD, and its portable version can run on multiple Linux distributions, and Apple’s Mac OS X platform.