OpenBSD

CVE-2020-7247 exploit: LPE and RCE in OpenBSD’s OpenSMTPD

On 14 Feb, 2020
By Marco Ivaldi (aka raptor)

I've written an exploit for the local privilege escalation and remote command execution vulnerability in OpenBSD's OpenSMTPD recently reported by Qualys as CVE-2020-7247: "smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as…

CVE-2018-14665 exploit: local privilege escalation on OpenBSD 6.3 and 6.4

On 27 Oct, 2018
By Marco Ivaldi (aka raptor)

This is my take on the recent Xorg vulnerability (CVE-2018-14665): "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg.…