MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number.
https://exchange.xforce.ibmcloud.com/vulnerabilities/11882
http://www.securityfocus.com/bid/7445
http://archives.neohapsis.com/archives/bugtraq/2003-04/0359.html
http://archive.cert.uni-stuttgart.de/bugtraq/2003/04/msg00364.html