Family: Misc. --> Category: infos
UW-IMAP CRAM-MD5 Remote Authentication Bypass Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks the version of UW-IMAP
Detailed Explanation for this Vulnerability Test
There is a flaw in the remote UW-IMAP server which allows an
authenticated user to log into the server as any user. The flaw is
in the CRAM-MD5 authentication theme.
A possible hacker, exploiting this flaw, would only need to identify a
vulnerable UW-IMAP server which had enabled the CRAM-MD5 authentication
The attacker would then be able to log in as any valid user.
It is important to note that the IMAP daemon will automatically enable
CRAM-MD5 if the /etc/cram-md5.pwd file exists.
Solution : Upgrade to the most recent version of UW-IMAP.
In addition, the fact that CRAM-MD5 is enabled indicates that
the server is storing the IMAP passwords in plaintext.
Ensure that the /etc/cram-md5.pwd file is mode 0400.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.