NetWin DSMTP (Dmail) ETRN Command Overflow
Critical Nessus Plugin ID 10438
SynopsisThe remote SMTP server has a buffer overflow vulnerability.
DescriptionThe remote SMTP server is vulnerable to a buffer overflow when the ETRN command is issued arguments which are too long. A remote attacker could exploit this to crash the SMTP server, or possibly execute arbitrary code.
SolutionUpgrade to the latest version of the SMTP server. If you are using NetWin DSMTP, upgrade to version 2.7r or later.