Vulnerabilities > CVE-2006-2806 - Denial Of Service vulnerability in Apache James 2.2.0

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

apache

NVD

Published: 2006-06-05

Updated: 2018-10-18

Summary

The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command. "James" is an acronym for the product Java Mail Enterprise Server.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache James 2.2.0	1

References

http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt
http://securityreason.com/securityalert/1038
http://www.securityfocus.com/archive/1/435278/100/0/threaded
http://www.securityfocus.com/bid/18138
https://exchange.xforce.ibmcloud.com/vulnerabilities/26786