aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
diff options
context:
space:
mode:
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r--security/vuxml/vuln.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 488f88e15c08..d3087b7ac779 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,33 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="d1bbc235-c0c9-45cd-8d2d-c1b8fd22e616">
+ <topic>imap-uw -- authentication bypass when CRAM-MD5 is enabled</topic>
+ <affects>
+ <package>
+ <name>imap-uw</name>
+ <range><lt>2004b,1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The CRAM-MD5 authentication support of the University of
+ Washington IMAP and POP3 servers contains a vulnerability that
+ may allow an attacker to bypass authentication and impersonate
+ arbitrary users. Only installations with CRAM-MD5 support
+ configured are affected.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2005-0198</cvename>
+ <certvu>702777</certvu>
+ </references>
+ <dates>
+ <discovery>2005-01-04</discovery>
+ <entry>2005-06-03</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5bf1a715-cc57-440f-b0a5-6406961c54a7">
<topic>squid -- denial-of-service vulnerabilities</topic>
<affects>
generated by cgit (git 2.34.1) at 2024-11-25 23:25:02 +0800