[原文]The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
Mac OS X 10.0至10.0.4和10.1至10.1.5版本中Mail.app的默认配置在连接Mac.com时以明文的方式发送iDisk认证凭证，远程攻击者通过窥探网络通信获取密码。
This issue is a problem in the default configuration of Mail.app and may be mitigated by enabling SSL in the client. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .