AZL-37157

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37157.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-37157

Upstream

CVE-2005-0198

Published

2005-05-02T04:00:00Z

Modified

2026-04-21T04:28:14.573036Z

Summary

CVE-2005-0198 affecting package uw-imap 2007f-26

Details

A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users.

References

https://nvd.nist.gov/vuln/detail/CVE-2005-0198

Affected packages

Azure Linux:2 / uw-imap

Package

Name: uw-imap
Purl: pkg:rpm/azure-linux/uw-imap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2007f-26

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37157.json"