[ http://issues.apache.org/jira/browse/JAMES-535?page=all ]
Noel J. Bergman resolved JAMES-535:
-----------------------------------
Fix Version: 2.3.0
2.4.0
Resolution: Fixed
Should be resolved in the v2.3 release branch and in trunk.
> Denial of service (CPU consumption) via a long argument to the MAIL command.
> ----------------------------------------------------------------------------
>
> Key: JAMES-535
> URL: http://issues.apache.org/jira/browse/JAMES-535
> Project: James
> Type: Bug
> Components: SMTPServer
> Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
> Reporter: Norman Maurer
> Priority: Critical
> Fix For: 2.3.0, 2.4.0
>
> The SMTP server in Apache Java Mail Enterprise Server (aka Apache James)
> 2.2.0 allows remote attackers to cause a denial of service (CPU consumption)
> via a long argument to the MAIL command.
> See:
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
