Issue Details (XML | Word | Printable)

Key: JAMES-535
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Critical Critical
Assignee: Noel J. Bergman
Reporter: Norman Maurer
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
JAMES Server

Denial of service (CPU consumption) via a long argument to the MAIL command.

Created: 15/Jun/06 03:54 PM   Updated: 21/Nov/07 08:31 AM
Return to search
Component/s: SMTPServer
Affects Version/s: 2.2.0, 2.3.0
Fix Version/s: 2.3.0

Time Tracking:
Not Specified

Resolution Date: 16/Jun/06 04:02 AM


 Description  « Hide
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.

See:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Noel J. Bergman made changes - 16/Jun/06 04:02 AM
Field Original Value New Value
Fix Version/s 2.4.0 [ 12311645 ]
Status Open [ 1 ] Resolved [ 5 ]
Fix Version/s 2.3.0 [ 12310796 ]
Resolution Fixed [ 1 ]
Noel J. Bergman made changes - 16/Jun/06 07:31 AM
Assignee Noel J. Bergman [ noel ]
Stefano Bagnara made changes - 06/Jul/06 10:33 PM
Fix Version/s 2.3.0 [ 12310796 ]
Fix Version/s 2.3.0b2 [ 12311974 ]
Fix Version/s 2.4.0 [ 12311645 ]
Danny Angus made changes - 21/Nov/07 08:31 AM
Status Resolved [ 5 ] Closed [ 6 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators