Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote malicious users to cause a denial of service (crash) via a long Host header.
netwin surgemail 38k4