Washington University · Uw-Imap · CVE-2005-0198
**Name of the Vulnerable Software and Affected Versions**
University of Washington IMAP (UW-IMAP) server (affected versions not specified)
**Description**
A logic error in the CRAM-MD5 code does not properly enforce all the required conditions for successful authentication, allowing remote attackers to authenticate as arbitrary users when CRAM-MD5 is enabled.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.