SLMail Long VRFY Overflow

1998-03-11T20:44:56
ID OSVDB:5969
Type osvdb
Reporter Steven(steven@efni.com)
Modified 1998-03-11T20:44:56

Description

Vulnerability Description

Seattle Lab SLMail contains a flaw that allows a remote attacker to crash the server. By sending a VRFY command containing 1024 or more characters to port 25, an attacker will crash the server.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Seattle Lab SLMail contains a flaw that allows a remote attacker to crash the server. By sending a VRFY command containing 1024 or more characters to port 25, an attacker will crash the server.

References:

Vendor URL: http://www.seattlelab.com/products/slmail/default.asp Related OSVDB ID: 6116 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_1/0380.html ISS X-Force ID: 887 CVE-1999-0231