[原文]Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command.
GoodTech SMTP Server RCPT TO Command Remote Overflow
Remote / Network Access
Loss of Integrity
A remote overflow exists in GoodTech SMTP Server. The RCPT TO command fails to validate user-supplied arguments resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
Upgrade to version 5.17 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.