Описание
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
Ссылки
- Third Party Advisory
- Mailing List
- Third Party Advisory
- Mailing List
Уязвимые конфигурации
Конфигурация 1Версия от 0.9.3 (включая) до 1.0.4 (исключая)
cpe:2.3:a:bizdelnick:gross:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03203
Низкий
7.5 High
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 2 года назад
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
CVSS3: 7.5
debian
почти 2 года назад
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x ...
EPSS
Процентиль: 87%
0.03203
Низкий
7.5 High
CVSS3
Дефекты
CWE-787
CWE-787