[ SOURCE: http://www.secureroot.com/security/advisories/9772053985.html ]

MDaemon mail server for Windows comes with a utility called MDConfig for remotely administering an MDaemon server. To establish an MDConfig connection to an MDaemon server, an administrator must enable the MDConfig server on the server machine. The connection is established on a predefined TCP port, 3002 by default.

The connection procedure looks like this:

    --> telnet servernameORipaddress 3002
    +OK domainname MDCONFIG interface ready
    --> VERS {ENTER}
    -ERR MDConfig v3.5.0 required

(We identify the server version here; the connection is closed.)

Try to connect again:

    --> telnet servernameORipaddress 3002
    +OK domainname MDCONFIG interface ready
    --> VERS MDConfig v3.5.0 {ENTER}
    +OK MDConfig v3.5.0 acceptable

(Connection established.)

    --> USER anyname
    +OK got it

Here, just wait without giving any password. The server waits until either the correct password is entered or the inactivity timeout (possibly 10 minutes) expires. During this period, pressing ENTER avoids the timeout: the inactivity timer is reset to 10 minutes and the countdown restarts.

This is the problem, and the possible DoS attack on MDConfig. Now open another telnet session and try to connect. The connection will be refused. So a malicious user can establish a connection and keep the link open, and any MDaemon administrator who tries to remotely administer the server will be refused a connection.

Isn't it a bit annoying? ALT+N must take care of it.

Riyad
Sri Lanka
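
A small model of the timeout behaviour described above, added here as an illustration and not taken from the advisory or from MDaemon: it compares an inactivity timer that any input resets with an absolute pre-authentication deadline on a single-session admin listener. The 60-second login deadline and all names are assumptions; the 10-minute idle timeout is the advisory's estimate.

```python
# Added example: models the single-slot admin listener from the advisory.
# Function names and LOGIN_DEADLINE are assumptions made for illustration.
from dataclasses import dataclass

IDLE_TIMEOUT = 600    # seconds; the advisory's "possibly 10 minutes"
LOGIN_DEADLINE = 60   # assumed hard limit for finishing USER + password


@dataclass
class Session:
    opened_at: int
    last_input: int
    authenticated: bool = False


def expires_at(s: Session, hardened: bool) -> int:
    """Time at which the server drops the session if no more input arrives."""
    idle_expiry = s.last_input + IDLE_TIMEOUT
    if hardened and not s.authenticated:
        # Pre-auth sessions get an absolute deadline that input cannot extend.
        return min(idle_expiry, s.opened_at + LOGIN_DEADLINE)
    return idle_expiry


def slot_held_seconds(keepalive_every: int, horizon: int, hardened: bool) -> int:
    """How long an unauthenticated client that sends a blank line every
    `keepalive_every` seconds keeps the only admin slot, capped at `horizon`."""
    s = Session(opened_at=0, last_input=0)
    t = 0
    while t < horizon:
        next_input = t + keepalive_every
        deadline = expires_at(s, hardened)
        if deadline <= next_input:
            # The server closes the session before the next blank line lands.
            return min(deadline, horizon)
        t = next_input
        s.last_input = t  # vulnerable policy: any input restarts the countdown
    return horizon


def admin_refused(at: int, keepalive_every: int, hardened: bool) -> bool:
    """True if a legitimate administrator connecting at time `at` is refused."""
    return at < slot_held_seconds(keepalive_every, at + 1, hardened)
```

With the reset-on-input policy the slot stays occupied for as long as the idle client keeps sending blank lines; with the absolute deadline it is freed after `LOGIN_DEADLINE` seconds regardless of input.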