[ http://issues.apache.org/jira/browse/JAMES-535?page=all ]
Stefano Bagnara updated JAMES-535:
----------------------------------
Fix Version: 2.3.0b2
(was: 2.3.0)
(was: 2.4.0)
> Denial of service (CPU consumption) via a long argument to the MAIL command.
> ----------------------------------------------------------------------------
>
> Key: JAMES-535
> URL: http://issues.apache.org/jira/browse/JAMES-535
> Project: James
> Type: Bug
> Components: SMTPServer
> Versions: 2.3.0a1, 2.2.0, 2.3.0a2, 2.3.0a3, 2.3.0b1
> Reporter: Norman Maurer
> Assignee: Noel J. Bergman
> Priority: Critical
> Fix For: 2.3.0b2
>
> The SMTP server in Apache Java Mail Enterprise Server (aka Apache James)
> 2.2.0 allows remote attackers to cause a denial of service (CPU consumption)
> via a long argument to the MAIL command.
> See:
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2806
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
