On Monday 22 December 2008, ArcSighter Elite wrote:
> I came this morning with something. The MS08-67 patch when challenge
> keys couldn't be replayed, affects also the other variants of the
> attack, such as http 401 + WWW-Authenticate: NTLM, and the IMAP, POP
> and SMTP versions?
Supposedly it affects any component that initializes the security
negotiation the "right" way, but only during a direct reflection attack.
You can still relay to a third-party host regardless of protocol.
Framework-Hackers mailing list