Описание
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.0.2-4.1 |
| esm-apps/bionic | released | 1.0.2-4ubuntu0.18.04.1~esm1 |
| esm-apps/focal | released | 1.0.2-4ubuntu0.20.04.1 |
| esm-apps/jammy | released | 1.0.2-4ubuntu0.22.04.1 |
| esm-apps/noble | released | 1.0.2-4ubuntu0.24.04.1 |
| esm-apps/xenial | released | 1.0.2-4ubuntu0.16.04.1~esm1 |
| focal | released | 1.0.2-4ubuntu0.20.04.1 |
| jammy | released | 1.0.2-4ubuntu0.22.04.1 |
| mantic | ignored | end of life, was needed |
| noble | released | 1.0.2-4ubuntu0.24.04.1 |
Показывать по
Ссылки на источники
7.5 High
CVSS3
Связанные уязвимости
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x ...
7.5 High
CVSS3