PT-2003-1472 · Slmail · Slmail
David Litchfield +1 · Published 2003-05-08 · Updated 2021-02-24 · CVE-2003-0264
CVSS v2.0: 7.5 (High)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
SLMail version 5.1.0.4420
Description:
Multiple buffer overflows allow remote attackers to execute arbitrary code. They can be triggered by a long EHLO argument to slmail.exe, a long XTRN argument to slmail.exe, a long string to POPPASSWD, or a long password to the POP3 server.
Recommendations:
For SLMail version 5.1.0.4420, consider restricting access to slmail.exe and the POP3 server until a patch is available. As a temporary workaround, limit the length of input arguments and strings to prevent buffer overflows. Avoid using long passwords or strings with POPPASSWD and the POP3 server.
Affected Products:
Slmail