PT-2006-3724 · Apache · Apache James
Ahmad Muammar W.K
+1
·
Publicado
2006-06-05
·
Atualizado
2018-10-18
·
CVE-2006-2806
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Apache Java Mail Enterprise Server (aka Apache James) version 2.2.0
Description
The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by sending a long argument to the
MAIL command in the SMTP server.Recommendations
For Apache Java Mail Enterprise Server (aka Apache James) version 2.2.0, consider restricting access to the SMTP server or limiting the length of arguments to the
MAIL command as a temporary workaround until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Apache James