[Original] Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
Apple Mac OS X Mail Cleartext Login on CRAM-MD5 Failure
Remote / Network Access
Loss of Confidentiality
Mac OS X Mail contains a flaw that may allow a network-positioned attacker to sniff a plaintext password. When the client is configured for MD5 Challenge Response (CRAM-MD5) authentication and the CRAM-MD5 login fails, it silently falls back to plaintext authentication and retransmits the same credentials in the clear. An attacker able to observe the connection can capture the password, resulting in a loss of confidentiality and access to the victim's mail account.
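The exchange described above, simulated end to end as an added example (this is illustrative code written for this entry, not Apple's Mail client or any real server): a toy SMTP-AUTH server, a client that behaves like the vulnerable pre-10.3 Mail (retrying with AUTH PLAIN when CRAM-MD5 is refused) beside a hardened client that refuses to fall back, and a passive sniffer that decodes whatever crossed the wire. The account names, passwords and the reason CRAM-MD5 fails for one account (the server holds only a one-way hash for it, so it cannot compute the HMAC) are constructed assumptions.

```python
"""Simulated SMTP AUTH: CRAM-MD5, the unsafe fallback to PLAIN, and what a sniffer sees."""
import base64
import hashlib
import hmac
import secrets

# Constructed credentials for the simulation (not real accounts).
ACCOUNTS = {"alice": "correct horse", "bob": "battery staple"}
# CRAM-MD5 needs the server to hold the password in a usable form. Assume "bob" was
# provisioned with a one-way hash only, so CRAM-MD5 is refused for his account.
CRAM_CAPABLE = {"alice"}


def cram_md5_response(username, password, challenge_b64):
    """RFC 2195 client response: base64("<user> " + hex(HMAC-MD5(password, challenge)))."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{username} {digest}".encode()).decode()


def plain_response(username, password):
    """RFC 4616 PLAIN: base64("\\0<user>\\0<password>"). Base64 is encoding, not encryption."""
    return base64.b64encode(f"\0{username}\0{password}".encode()).decode()


class ToyMailServer:
    """Minimal SMTP-AUTH state machine accepting AUTH CRAM-MD5 and AUTH PLAIN."""

    def __init__(self):
        self.challenge = None
        self.awaiting_cram = False

    def handle(self, line):
        if line == "AUTH CRAM-MD5":
            self.challenge = f"<{secrets.randbits(64)}.0@mail.example>".encode()
            self.awaiting_cram = True
            return "334 " + base64.b64encode(self.challenge).decode()
        if self.awaiting_cram:
            self.awaiting_cram = False
            user, _, digest = base64.b64decode(line).decode().partition(" ")
            if user not in CRAM_CAPABLE:
                return "535 CRAM-MD5 not available for this account"
            expected = hmac.new(ACCOUNTS[user].encode(), self.challenge, hashlib.md5).hexdigest()
            return "235 OK" if hmac.compare_digest(expected, digest) else "535 bad credentials"
        if line.startswith("AUTH PLAIN "):
            _, user, pw = base64.b64decode(line[len("AUTH PLAIN "):]).decode().split("\0")
            return "235 OK" if ACCOUNTS.get(user) == pw else "535 bad credentials"
        return "500 unrecognised command"


def authenticate(server, wire, username, password, fall_back_to_plaintext):
    """Client side. Every line crossing the link is appended to `wire`, which stands in
    for a passive sniffer's capture. Returns True on successful login."""
    def send(line):
        wire.append(("C", line))
        reply = server.handle(line)
        wire.append(("S", reply))
        return reply

    reply = send("AUTH CRAM-MD5")
    if reply.startswith("334 "):
        if send(cram_md5_response(username, password, reply[4:])).startswith("235"):
            return True
    # CRAM-MD5 was refused. The vulnerable behaviour is to retry with a plaintext
    # mechanism; the hardened client stops here instead.
    if not fall_back_to_plaintext:
        raise RuntimeError("CRAM-MD5 failed; refusing to send the password in the clear")
    return send("AUTH PLAIN " + plain_response(username, password)).startswith("235")


def sniff_password(wire):
    """Passive attacker: returns the password if a captured line carries it reversibly,
    otherwise None (a CRAM-MD5 digest alone does not yield the password)."""
    for who, line in wire:
        if who == "C" and line.startswith("AUTH PLAIN "):
            return base64.b64decode(line[len("AUTH PLAIN "):]).decode().split("\0")[2]
    return None


def run(username, fall_back_to_plaintext):
    """Perform one login and return (authenticated, password_seen_by_sniffer)."""
    wire = []
    ok = authenticate(ToyMailServer(), wire, username, ACCOUNTS[username], fall_back_to_plaintext)
    return ok, sniff_password(wire)


if __name__ == "__main__":
    print("alice, vulnerable client:", run("alice", True))   # (True, None)
    print("bob, vulnerable client:  ", run("bob", True))     # (True, 'battery staple')
    try:
        run("bob", False)
    except RuntimeError as e:
        print("bob, hardened client:    ", e)
```

The point the simulation makes is that the client's fallback, not the server's refusal, is what leaks the secret: the sniffer learns nothing from the CRAM-MD5 round trip, but the retried AUTH PLAIN hands it the password after one base64 decode. A client that has been told to use a challenge-response mechanism should fail closed when that mechanism fails, and in practice any mail login should additionally run over TLS so that even a deliberate plaintext mechanism is not observable on the wire.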
Currently, there are no known workarounds. Apple has released a patch to address this vulnerability, and Mac OS X 10.3 and later are not affected.