Wednesday, September 29, 2004

Security Fix : Intellipeer Email Server

We received a report yesterday of a vulnerability in the POP3 component of Intellipeer Email Server. The vulnerability allowed a malicious hacker to figure out email account names through trial and error based on the response of the POP3 USER command.

We have corrected the problem and posted a fix on our site at We encourage all current customers to upgrade to this latest release. There have been no reports of any customers actually affected by this vulnerability, but expect some activity based on this report.

If you have any questions or concerns about this vulnerability or patch, please direct your comments to