[JAMES-44] User passwords are displayed in the log - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 2.0a3
Fix Version/s: None
Component/s: POP3Server
Labels:
None
Environment:
Operating System: Other
Platform: Other

Bugzilla Id:
11234

Description

Contrary to standard security practices, the POP3Handler displays the user
password in the log. This allows the administrator or anyone with read-only
access to the server logs to gain access to users' mailboxes. Very bad. Very
easy fix.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Peter M. Goldstein

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 28/Jul/02 01:52

Updated:: 06/Jun/04 21:33

Resolved:: 06/Jun/04 21:33