source: http://www.securityfocus.com/bid/755/info
 
The Avirt Mail Server 3.3a and 3.5 packages are vulnerable to a remote buffer overflow vulnerability. The buffer overflow can be initiated by passing 856 characters in the password field.

http://www.exploit-db.com/sploits/19580.zip