A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 10.0 |
| bizdelnick | gross | * |