漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache James IMAP parsing Denial Of Service
Vulnerability Description
In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache James 安全漏洞
Vulnerability Description
Apache James是美国阿帕奇(Apache)基金会的一个完全用 Java 编写的开源 Smtp 和 Pop3 邮件传输代理和 Nntp 新闻服务器。 Apache James 3.6.1存在安全漏洞,攻击者可利用该漏洞通过精心编制的APPEND和STATUS IMAP命令触发无限循环,可用于拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A