GEN:SID 1:2250
Message POP3 USER format string attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in Magic Winmail Server.
Impact Serious. Possible arbitrary code execution.
Detailed Information The Magic Winmail Server contains a programming error such that
exploitation of the USER POP3 command is possible by supplying malicious
code via the USER command.
Affected Systems AMAX Information Technologies Inc. Magic Winmail Server 2.3
Attack Scenarios The attacker can connect to the POP3 server and use the USER command to
supply the necessary code or the attacker can use the available exploit
code.
Ease of Attack Simple. Exploit code is available.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References bugtraq: 10976
bugtraq: 7667
cve: 2003-0391
nessus: 11742