CVE-2007-4646

Name of the Vulnerable Software and Affected Versions: Hexamail Server version 3.0.0.001 Lite

Description: The issue is related to a buffer overflow in the pop3 service, which can be triggered by remote attackers sending a long USER command. This can cause a denial of service, resulting in the daemon crashing, and potentially allow the execution of arbitrary code.

Recommendations: For Hexamail Server version 3.0.0.001 Lite, consider disabling the pop3 service until a patch is available to prevent potential exploitation. Restrict access to the pop3 service to minimize the risk of a denial of service or code execution. Avoid using long USER commands in the affected pop3 service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.