You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by ji...@apache.org on 2004/06/06 23:33:54 UTC
[jira] Closed: (JAMES-44) User passwords are displayed in the log
Message:
The following issue has been closed.
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JAMES-44
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JAMES-44
Summary: User passwords are displayed in the log
Type: Bug
Status: Closed
Resolution: FIXED
Project: James
Components:
POP3Server
Versions:
2.0a3
Assignee:
Reporter: Peter M. Goldstein
Created: Sat, 27 Jul 2002 6:52 PM
Updated: Sun, 6 Jun 2004 2:33 PM
Environment: Operating System: Other
Platform: Other
Description:
Contrary to standard security practices, the POP3Handler displays the user
password in the log. This allows the administrator or anyone with read-only
access to the server logs to gain access to users' mailboxes. Very bad. Very
easy fix.
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org