[原文]Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
A remote overflow exists in Lotus Domino ESMTP Service. The Mail Server fails to check the length of the submitted ENVID environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause the Domino Service to crash and possibly execute arbitrary code resulting in a loss of available and possibly control.
Upgrade to version 5.0.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.