GEN:SID 1:2666
Message POP3 PASS format string attempt
Summary This event is generated when a remote attacker attempts to exploit a
format string vulnerability against a POP server.
Impact Serious. A successful format string attack could result in the
execution of arbitrary code with the same privileges as the user running
the POP daemon.
Detailed Information Some versions of the Courier POP daemon are vulnerable to format string
exploits prior to and during authentication to the POP server.  A
successful exploit attempt could result in the remote attacker gaining
unauthorized root access to a vulnerable system.
Affected Systems Courier IMAP/POP server versions 1.6 though 3.0.2
Attack Scenarios A remote attacker could use a publicly available script to exploit the
vulnerability an gain control of the target host.
Ease of Attack Simple. Exploit code is available.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References bugtraq: 10976