Qualys Security Advisory - Qmail Remote Code Execution

Posted on 23 May 2020

In 2005, three vulnerabilities were discovered in qmail but were never fixed because they were believed to be unexploitable in a default installation. Qualys recently re-discovered these vulnerabilities and were able to exploit one of them remotely in a default installation.