On Wed, 4 Sep 2002, Andreas Hansson wrote:
> > A search for xmail vulnerability turns up two cases, one in the ctrl > protocol and one in the pop3 server. Both are pretty old, from versions 0.58 > and 0.67. You should have seen them both though if you started in 0.5 ;) the one about the CTRL protocol was bogus. it assumed that you have to login before the exploit, and the CTRL login is an admin login. it's like sayint that telnet is vulnerable because, if you login as root, you can mkfs remote drives ... - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
