security flaw

Buffer overflow in the mailvalidnetparsework function in mail.c for Washington's IMAP Server UW-IMAP before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote " character without a closing quote, which causes bytes after the double-quo...

CVE-2005-0198

A logic error in the CRAM-MD5 code for the University of Washington IMAP UW-IMAP server, when Challenge-Response Authentication Mechanism with MD5 CRAM-MD5 is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticat...

AZL-37157 CVE-2005-0198 affecting package uw-imap 2007f-26

A logic error in the CRAM-MD5 code for the University of Washington IMAP UW-IMAP server, when Challenge-Response Authentication Mechanism with MD5 CRAM-MD5 is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticat...

UW-IMAP CRAM-MD5 Remote Authentication Bypass

There is a flaw in the remote UW-IMAP server which allows an authenticated user to log into the server as any user. The flaw is in the CRAM-MD5 authentication theme. An attacker, exploiting this flaw, would only need to identify a vulnerable UW-IMAP server which had enabled the CRAM-MD5...

CVE-2002-0379

Buffer overflow in University of Washington imap server uw-imapd imap-2001 imapd 2001.315 and imap-2001a imapd 2001.315 with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request...