Yes, I've a feeling it was supposed to be LESS than 6.0.7? Someone from
Damage Hacking Group want to clarify?

jasonk

> -----Original Message-----
> From: William Pratt [mailto:wpratt (at) megapath (dot) net [email concealed]]
> Sent: Tuesday, 29 April 2003 8:25 AM
> To: 'bugtraq (at) security.nnov (dot) ru [email concealed]'; 'bugtraq (at) securityfocus (dot) com [email concealed]'
> Subject: RE: MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS
>
>
>
> Tested on 6.5.1 on Win2K Server. Does not crash MDaemon and
> returns a 'no such message' error.
>
> Sincerely,
>
> William Pratt
> Unix Systems Engineer
> MegaPath Networks, Inc.
> http://www.megapath.net
>
>
>
> ########################################################*
> # Damage Hacking Group security advisory
> # www.dhgroup.org
> ########################################################*
> #Product: MDaemon SMTP/POP/IMAP server =>v.6.0.7
> #Authors: Alt-N Technologies [www.mdaemon.com]
> #Vulnerability: remote DoS via POP3 service
> ########################################################*
>
<snip>

[ reply ]