IMAP Default passwords
----------------------

CVE Number: 
CAN-1999-0501, CAN-1999-0502
CAN-1999-0503, CAN-1999-0504

Details:
An account with a default, or easily guessable password was accessible using
the IMAP service.

Fix:
Disable or restrict the accessibility of the IMAP service.
Remove unused accounts and accounts with default passwords.
Impose a password change policy to include quality, reuse prevention,
expiration and replacement frequency.
Replace reusable passwords with stronger authentication technology such
as hardware tokens or one time passwords.

Related URLs:
http://www.sans.org/topten.htm#8

$Id: imap,v 1.1 2000/11/06 15:34:19 loveless Exp $
