Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.Referenceshttp://securityreason.com/securityalert/3774http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07http://secunia.com/advisories/29105http://www.securityfocus.com/archive/1/489959/100/0/threadedhttp://www.securityfocus.com/bid/28377https://exchange.xforce.ibmcloud.com/vulnerabilities/41402http://www.netwinsite.com/surgemail/help/updates.htm
