The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection.Referenceshttp://www.trustwave.com/software/mailmarshal_smtp/MailMarshalSEG-ReleaseNotes-7.2.0.6272.htm
