Code injection

When adding an external mail account, processing of SMTP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue SMTP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted SMTP server...

[Full-Disclosure] Zone Labs Security Advisory ZL04-08 - SMTP processing vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zone Labs Security Advisory ZL04-008 Zone Labs SMTP Processing Vulnerability Date Published February 18, 2004 Date Last Revised February 18, 2004 Severity Medium Overview ======== A security vulnerability exists in specific versions of ZoneAlarm,...