Remote exploitation of a buffer overflow vulnerability in Novell Inc.’s NetMail IMAP daemon allows authenticated attackers to execute arbitrary code with the privileges of the underlying user.

Once logged in, attackers can execute the “subscribe” command with an overly long argument string to overflow a stack based buffer.

iDefense Labs