The current imap-2002 development snapshot is not vulnerable, regardless of whether or not the disabled code is re-enabled.
There is a vulnerability in imap-2000c and earlier.
The vulnerability is in RFC 1730 support code (obsolete since 1996), which was disabled via #ifdef in imap-2001. As a consequence, imap-2001 and imap-2001a are NOT vulnerable unless imapd was built with the disabled code re-enabled.
The vulnerability is NOT a root compromise vulnerability. There have been no root compromise vulnerabilities in imapd since 1998.
The vulnerability does NOT allow an unauthorized individual access to the system.
The primary consequence of the vulnerability is that an authorized individual can obtain shell access to the server. Thus, the vulnerability is primarily of concern to sites which do not permit authorized users to have shell access; and is of little (if any) concern to sites which permit shell access.
See FAQ 5.2 for related information:
Ive heard that IMAP servers are insecure. Is this true?