Ipswitch IMail / SLMail VRFY Command Remote Overflow
Medium Nessus Plugin ID 10254
SynopsisThe remote mail server is vulnerable to denial of service.
DescriptionIt was possible to crash the affected SMTP service by sending a VRFY command with a long argument.
This attack is known to affect certain versions of Ipswitch IMail and Seattle Labs' SLMail, although products from other vendors may also be affected.
An unauthenticated, remote attacker can leverage this issue to conduct a denial of service attack against the affected mail server.
SolutionContact the product's vendor for an update.