GEN:SID 1:2665
Message IMAP login literal format string attempt
Summary This event is generated when a remote attacker attempts to exploit a
format string vulnerability against an IMAP server.
Impact Serious. A successful format string attack could result in the
execution of arbitrary code with the same privileges as the user running
the IMAP daemon.
Detailed Information Some versions of the Courier IMAP daemon are vulnerable to format string
exploits prior to and during authentication to the IMAP server.  A
successful exploit attempt could result in the remote attacker gaining
unauthorized root access to a vulnerable system.
Affected Systems Courier IMAP server versions 1.6 though 3.0.2
Attack Scenarios A remote attacker could use a publicly available script to exploit the
vulnerability an gain control of the target host.
Ease of Attack Simple. Exploit code is available.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References bugtraq: 10976