You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Norman Maurer (JIRA)" <se...@james.apache.org> on 2006/06/15 10:56:30 UTC
[jira] Created: (JAMES-535) Denial of service (CPU consumption) via
a long argument to the MAIL command.
Denial of service (CPU consumption) via a long argument to the MAIL command.
----------------------------------------------------------------------------
Key: JAMES-535
URL: http://issues.apache.org/jira/browse/JAMES-535
Project: James
Type: Bug
Components: SMTPServer
Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
Reporter: Norman Maurer
Priority: Critical
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
See:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[jira] Updated: (JAMES-535) Denial of service (CPU consumption) via
a long argument to the MAIL command.
Posted by "Stefano Bagnara (JIRA)" <se...@james.apache.org>.
[ http://issues.apache.org/jira/browse/JAMES-535?page=all ]
Stefano Bagnara updated JAMES-535:
----------------------------------
Fix Version: 2.3.0b2
(was: 2.3.0)
(was: 2.4.0)
> Denial of service (CPU consumption) via a long argument to the MAIL command.
> ----------------------------------------------------------------------------
>
> Key: JAMES-535
> URL: http://issues.apache.org/jira/browse/JAMES-535
> Project: James
> Type: Bug
> Components: SMTPServer
> Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
> Reporter: Norman Maurer
> Assignee: Noel J. Bergman
> Priority: Critical
> Fix For: 2.3.0b2
>
> The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
> See:
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[jira] Resolved: (JAMES-535) Denial of service (CPU consumption)
via a long argument to the MAIL command.
Posted by "Noel J. Bergman (JIRA)" <se...@james.apache.org>.
[ http://issues.apache.org/jira/browse/JAMES-535?page=all ]
Noel J. Bergman resolved JAMES-535:
-----------------------------------
Fix Version: 2.3.0
2.4.0
Resolution: Fixed
Should be resolved in the v2.3 release branch and in trunk.
> Denial of service (CPU consumption) via a long argument to the MAIL command.
> ----------------------------------------------------------------------------
>
> Key: JAMES-535
> URL: http://issues.apache.org/jira/browse/JAMES-535
> Project: James
> Type: Bug
> Components: SMTPServer
> Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
> Reporter: Norman Maurer
> Priority: Critical
> Fix For: 2.3.0, 2.4.0
>
> The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
> See:
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
[jira] Assigned: (JAMES-535) Denial of service (CPU consumption)
via a long argument to the MAIL command.
Posted by "Noel J. Bergman (JIRA)" <se...@james.apache.org>.
[ http://issues.apache.org/jira/browse/JAMES-535?page=all ]
Noel J. Bergman reassigned JAMES-535:
-------------------------------------
Assign To: Noel J. Bergman
> Denial of service (CPU consumption) via a long argument to the MAIL command.
> ----------------------------------------------------------------------------
>
> Key: JAMES-535
> URL: http://issues.apache.org/jira/browse/JAMES-535
> Project: James
> Type: Bug
> Components: SMTPServer
> Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
> Reporter: Norman Maurer
> Assignee: Noel J. Bergman
> Priority: Critical
> Fix For: 2.3.0, 2.4.0
>
> The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
> See:
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org