cnvd - cnvd-2022-01769

cnvd-2022-01769

Vulnerability from cnvd

Title: Apache James拒绝服务漏洞

Description:

Apache James是美国阿帕奇（Apache）基金会的一个完全用Java 编写的开源Smtp和 Pop3邮件传输代理和 Nntp新闻服务器。

Apache James在3.6.1版本存在拒绝服务漏洞，攻击者可利用该漏洞通过精心编制的APPEND和STATUS IMAP命令触发无限循环，可用于拒绝服务攻击。

Severity: 中

Patch Name: Apache James拒绝服务漏洞的补丁

Patch Description:

Apache James是美国阿帕奇（Apache）基金会的一个完全用Java 编写的开源Smtp和 Pop3邮件传输代理和 Nntp新闻服务器。

Apache James在3.6.1版本存在拒绝服务漏洞，攻击者可利用该漏洞通过精心编制的APPEND和STATUS IMAP命令触发无限循环，可用于拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://seclists.org/oss-sec/2022/q1/3

Reference: https://www.openwall.com/lists/oss-security/2022/01/04/3

Impacted products

Name
Apache James 3.6.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-40111",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-40111"
    }
  },
  "description": "Apache James\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5b8c\u5168\u7528Java \u7f16\u5199\u7684\u5f00\u6e90Smtp\u548c Pop3\u90ae\u4ef6\u4f20\u8f93\u4ee3\u7406\u548c Nntp\u65b0\u95fb\u670d\u52a1\u5668\u3002\n\nApache James\u57283.6.1\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236\u7684APPEND\u548cSTATUS IMAP\u547d\u4ee4\u89e6\u53d1\u65e0\u9650\u5faa\u73af\uff0c\u53ef\u7528\u4e8e\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://seclists.org/oss-sec/2022/q1/3",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-01769",
  "openTime": "2022-01-08",
  "patchDescription": "Apache James\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5b8c\u5168\u7528Java \u7f16\u5199\u7684\u5f00\u6e90Smtp\u548c Pop3\u90ae\u4ef6\u4f20\u8f93\u4ee3\u7406\u548c Nntp\u65b0\u95fb\u670d\u52a1\u5668\u3002\r\n\r\nApache James\u57283.6.1\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236\u7684APPEND\u548cSTATUS IMAP\u547d\u4ee4\u89e6\u53d1\u65e0\u9650\u5faa\u73af\uff0c\u53ef\u7528\u4e8e\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache James\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache James 3.6.1"
  },
  "referenceLink": "https://www.openwall.com/lists/oss-security/2022/01/04/3",
  "serverity": "\u4e2d",
  "submitTime": "2022-01-06",
  "title": "Apache James\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2021-40111 (GCVE-0-2021-40111)

Vulnerability from cvelistv5

Published

2022-01-04 08:55

Modified

2024-08-04 02:27

Severity ?

CWE

Denial Of Service

Summary

In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade.

References

▼	URL	Tags
	https://www.openwall.com/lists/oss-security/2022/01/04/3	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2022/01/04/3	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache James	Version: Apache James <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2022/01/04/3"
          },
          {
            "name": "[oss-security] 20220104 CVE-2021-40111: Apache James IMAP parsing Denial Of Service",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/01/04/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache James",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.6.0",
              "status": "affected",
              "version": "Apache James",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "The Apache James PMC would like to thanks Benoit TELLIER for the report."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "moderate"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial Of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-04T09:06:16",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2022/01/04/3"
        },
        {
          "name": "[oss-security] 20220104 CVE-2021-40111: Apache James IMAP parsing Denial Of Service",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/01/04/3"
        }
      ],
      "source": {
        "defect": [
          "JAMES-3634"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Apache James IMAP parsing Denial Of Service",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-40111",
          "STATE": "PUBLIC",
          "TITLE": "Apache James IMAP parsing Denial Of Service"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache James",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "Apache James",
                            "version_value": "3.6.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "The Apache James PMC would like to thanks Benoit TELLIER for the report."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {
            "other": "moderate"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial Of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.openwall.com/lists/oss-security/2022/01/04/3",
              "refsource": "MISC",
              "url": "https://www.openwall.com/lists/oss-security/2022/01/04/3"
            },
            {
              "name": "[oss-security] 20220104 CVE-2021-40111: Apache James IMAP parsing Denial Of Service",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/01/04/3"
            }
          ]
        },
        "source": {
          "defect": [
            "JAMES-3634"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-40111",
    "datePublished": "2022-01-04T08:55:24",
    "dateReserved": "2021-08-25T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted