Intrusion Prevention

POP3.Server.PASS.Command.Buffer.Overflow

Description

This indicates a possible attempt to exploit a buffer overrun vulnerability in the BVRP SLMail server software.
SLMail Pro is a web-based POP3 and SMTP email server for Microsoft Windows NT/2000/2003. The vulnerability occurs in the POP3 server and is caused by insufficient bounds checking of the user-supplied password during authentication. A remote attacker can cause a buffer overflow by sending a password more than 2600 bytes long and, as a result, may be able to execute arbitrary code on the system.
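The condition described above can be checked on the client-to-server side of a POP3 session. The following is an added example, not the signature's actual logic or vendor code: a stream monitor that flags an over-long PASS argument even when it is split across segments or never terminated. The class name, the strict 255-octet default (taken from the RFC 2449 command-line limit) and the sample traffic are assumptions made for illustration.

```python
import re

ADVISORY_LIMIT = 2600   # password length the advisory above gives as the overflow point
STRICT_LIMIT = 255      # assumption: RFC 2449 caps a whole POP3 command line at 255 octets
PASS_RE = re.compile(rb"\s*PASS (.*)", re.IGNORECASE | re.DOTALL)

class Pop3PassMonitor:
    """Reassembles one client-to-server POP3 byte stream and flags long PASS arguments."""

    def __init__(self, limit=STRICT_LIMIT):
        self.limit, self.buf, self.skip, self.alerts = limit, b"", False, []

    def feed(self, segment):
        self.buf += segment
        while b"\n" in self.buf:
            line, self.buf = self.buf.split(b"\n", 1)
            if self.skip:                 # tail of a line that was already examined
                self.skip = False
                continue
            self._check(line.rstrip(b"\r"), terminated=True)
        # An oversized command may never send CRLF, so examine pending bytes as well.
        if len(self.buf) > self.limit + len(b"PASS "):
            if not self.skip:
                self._check(self.buf, terminated=False)
            self.skip, self.buf = True, b""   # bound memory; ignore the rest of the line
        return self.alerts

    def _check(self, line, terminated):
        m = PASS_RE.match(line)
        if m and len(m.group(1)) > self.limit:
            self.alerts.append({
                "arg_len": len(m.group(1)),   # lower bound when terminated is False
                "terminated": terminated,
                "over_advisory_limit": len(m.group(1)) > ADVISORY_LIMIT,
            })

def run_demo():
    # Constructed sample traffic: filler bytes only, split the way TCP segments might arrive.
    normal = Pop3PassMonitor()
    for seg in (b"USER alice\r\n", b"PASS hunter2\r\n", b"QUIT\r\n"):
        normal.feed(seg)
    split = Pop3PassMonitor(limit=ADVISORY_LIMIT)
    for seg in (b"USER bob\r\nPA", b"SS " + b"A" * 1500, b"A" * 1200 + b"\r\n", b"QUIT\r\n"):
        split.feed(seg)
    return normal.alerts, split.alerts

if __name__ == "__main__":
    print(run_demo())
```

Running one monitor per TCP connection with the strict limit catches malformed logins well below the 2600-byte point; the `over_advisory_limit` field separates those from traffic matching the condition in this advisory.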

Affected Products

BVRP Software SLMail 5.1.0.4420 and earlier.

Impact

System compromise, arbitrary code execution.

Recommended Actions

Upgrade to BVRP Software SLMail 5.5 or later.