[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Apache James Server 2.3.2 security vulnerability fixed
From:       Eric Charles <eric () apache ! org>
Date:       2015-09-30 13:20:28
Message-ID: 560BE19C.50901 () apache ! org
[Download RAW message or body]

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: James Server 2.3.2

Description: Apache James Server 2.3.2 has security issue that can let a 
user execute arbitrary system command for servers configured with file 
based user repositories.

Mitigation: 2.3.2 users should upgrade to 2.3.2.1 to be downloaded from 
http://james.apache.org/download.cgi#Apache_James_Server

Credit: This issue was discovered by Palaczynski Jakub 
<Jakub.Palaczynski@ingservicespolska.pl> (recorded as VU#988628 by CERT)

[prev in list] [next in list] [prev in thread] [next in thread]