A malicious remote server might be able to execute arbitrary commands by closing the connection from a client using easy handlers. A malicious user could execute arbitrary code by passing a very long username or password used for SASL authentication.