GEN:SID 1:1935
Message POP2 FOLD arbitrary file attempt
Summary This event is generated when an attempt is made to exploit a buffer
overflow condition in the Post Office Protocol (POP) command FOLD.
Impact Possible remote execution of arbitrary code leading to a remote root
compromise.
Detailed Information A vulnerability exists such that an attacker may include files of their
choosing when supplying data to a POP server via the FOLD command.

The FOLD command allows the user to specify a mail folder to select.  By
specifying a very large argument, the user can exploit the buffer overflow
condition.
Affected Systems  
Attack Scenarios Simple. An attacker can supply specially crafted packets to a POP server
via the FOLD function.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References RFC 937:
http://www.faqs.org/rfc/rfc937.txt