GEN:SID 1:2241
Message WEB-MISC cwmail.exe access
Summary This event is generated when an attempt is made to exploit a known
vulnerablity in NetWin CWMail 2.7.
Impact Serious. Execution of arbitrary code is possible.
Detailed Information Certain versions of NetWin CWMail suffer from a buffer overflow
condition that can present an attacker with the opportunity to execute
code of their choosing on the server.
Affected Systems NetWin CWMail 2.7, a, b, c, d, f, i, j, k, l, m, n, o, p, q, s and t
    
Attack Scenarios The attacker would need to supply a large amount of characters to the
"item=" parameter which could then cause the overflow condition to
occur.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References Bugtraq:
http://www.securityfocus.com/bid/4093
Rule References bugtraq: 4093
cve: 2002-0273
nessus: 11727