I believe this problem also exists in Hardy. Following is a log message that illustrates the issue:
Aug 14 12:34:57 ubuntumailsvr dovecot: auth(default): sql(***USERNAME OMITTED***,127.0.0.1): CRYPT(trader) != '$1$crGRJM.l$WFcCPMqyDT1AB9gkkdnyN/ Using a PHP function, I can feed the password and hash in against the CRYPT() function for a successful match. -- Dovecot Plain auth broken in 1.1.1, fixed in 1.2.1 https://bugs.launchpad.net/bugs/398733 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
