Lucene search
Ubuntu.comUB:CVE-2023-52159HistoryMar 18, 2024 - 12:00 a.m.
CVE-2023-52159
2024-03-1800:00:00
ubuntu.com
ubuntu.com
7
cve-2023-52159
stack-based buffer overflow
denial of service
remote attackers
crafted smtp transaction parameters
incorrect strncat
log entry
grossd
debian
unix
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x
before 1.0.4 allows remote attackers to trigger a denial of service (grossd
daemon crash) or potentially execute arbitrary code in grossd via crafted
SMTP transaction parameters that cause an incorrect strncat for a log
entry.
Bugs
References
codeberg.org/bizdelnick/gross/commit/3f5508cce2c49d216b163eb7b38ea72d5162c76e (1.0.4)
codeberg.org/bizdelnick/gross/commit/6403985fc1060e7aacea96e60535e1e7b0f6f193 (master)
codeberg.org/bizdelnick/gross/wiki/Known-vulnerabilities#cve-2023-52159
launchpad.net/bugs/cve/CVE-2023-52159
nvd.nist.gov/vuln/detail/CVE-2023-52159
security-tracker.debian.org/tracker/CVE-2023-52159
www.cve.org/CVERecord?id=CVE-2023-52159
Related
veracode
veracode
Stack-Based Buffer Overflow
2024-03-27 10:51:30
osv
osv
gross - security update
2024-03-25 00:00:00
nvd
nvd
CVE-2023-52159
2024-03-18 02:15:06
cve
cve
CVE-2023-52159
2024-03-18 02:15:06
nessus
nessus
Debian dla-3774 : gross - security update
2024-03-25 00:00:00
cvelist
cvelist
CVE-2023-52159
2024-03-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3774-1)
2024-03-26 00:00:00
debiancve
debiancve
CVE-2023-52159
2024-03-18 02:15:06
debian
debian
[SECURITY] [DLA 3774-1] gross security update
2024-03-25 13:31:46