SLMail Malformed Command DoS

1998-09-22T21:24:07
ID OSVDB:6023
Type osvdb
Reporter Mnemonix(mnemonix@globalnet.co.uk)
Modified 1998-09-22T21:24:07

Description

Vulnerability Description

SLMail contains a flaw that may allow a remote denial of service. The issue is triggered when sending commands containing open parentheses ('('), and will result in loss of availability for the smtp service.

Solution Description

Upgrade to version 3.1 Build 2961 or later, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SLMail contains a flaw that may allow a remote denial of service. The issue is triggered when sending commands containing open parentheses ('('), and will result in loss of availability for the smtp service.

References:

Vendor URL: http://www.seattlelab.com/products/slmail/default.asp Related OSVDB ID: 5969 Related OSVDB ID: 5970 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_3/0883.html ISS X-Force ID: 1664 CVE-1999-1265