Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.
ZMailer is included as part of the FreeBSD ports collection. FreeBSD has released a Security Notice FreeBSD-SN-02:05. Users of FreeBSD systems are strongly urged to upgrade their ports tree to fix various reported issues. Further information can be found in the referenced Security Notice.
ZMailer is prone to a remote buffer overflow condition when using IPv6. The issue is triggered by sending an overly long HELO command. With a specially crafted request, a remote attacker can gain access to the server or crash the server.
Upgrade to the latest ports collection, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
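The class of defect described above is avoided by length-checking the HELO argument and any resolved hostname before they reach a fixed-size buffer. The following is an added illustration, not ZMailer's code or its patch: the function names, buffer sizes and output format are hypothetical, and the limits are the RFC 5321 maximums (512 octets per command line including CRLF, 255 octets per domain).

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define SMTP_LINE_MAX   512   /* RFC 5321: command line, CRLF included */
#define SMTP_DOMAIN_MAX 255   /* RFC 5321: domain name */

/* Copy the HELO/EHLO argument of one command line into out (hypothetical helper).
 * Returns 0 on success, -1 on a syntax error or over-length input. */
int helo_argument(const char *line, char *out, size_t outsz)
{
    size_t len = strcspn(line, "\r\n");      /* text before the CRLF */
    if (len > SMTP_LINE_MAX - 2)
        return -1;
    if (strncasecmp(line, "HELO ", 5) != 0 && strncasecmp(line, "EHLO ", 5) != 0)
        return -1;
    const char *arg = line + 5;
    size_t alen = strcspn(arg, " \t\r\n");
    if (alen == 0 || alen > SMTP_DOMAIN_MAX || alen >= outsz)
        return -1;                           /* reject, never truncate silently */
    memcpy(out, arg, alen);
    out[alen] = '\0';
    return 0;
}

/* Build "helo (rdns [IPv6:addr])" in a fixed buffer (hypothetical format).
 * rdns is attacker-influenced: it comes from a reverse DNS lookup of the peer.
 * Returns 0 on success, -1 if the result would not fit. */
int format_peer(char *buf, size_t bufsz, const char *helo,
                const char *rdns, const char *ip6)
{
    int n = snprintf(buf, bufsz, "%s (%s [IPv6:%s])", helo, rdns, ip6);
    return (n < 0 || (size_t)n >= bufsz) ? -1 : 0;
}

int main(void)
{
    char helo[SMTP_DOMAIN_MAX + 1], peer[128];
    /* Constructed sample input using documentation names and addresses. */
    if (helo_argument("EHLO mail.example.org\r\n", helo, sizeof helo) == 0 &&
        format_peer(peer, sizeof peer, helo, "mx.example.org", "2001:db8::1") == 0)
        puts(peer);
    return 0;
}
```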