Courier-IMAP Username SQL Injection Vulnerability
The vendor has addressed this issue in the latest version of Courier-IMAP.
Debian has released an advisory containing fixes. Information about obtaining and installing updates are available in the referenced advisory. Users of the apt-get system are able to issue either of the following commands to update their systems:
Double Precision Incorporated Courier MTA 0.37.3
Inter7 Courier-IMAP 1.6