From LWN.net: "There are several buffer overflows in imap, ipop2d and ipop3d. These
overflows usually only make it possible for local users to gain access
to a process running under their own UID.
However, due to a misconfiguration, it is possible for remote
attackers to gain access to the 'nobody' account and run programs
or further exploits on the attacked machine."