CVE-2021-40111 – Apache James IMAP parsing Denial Of Service
https://notcve.org/view.php?id=CVE-2021-40111
In Apache James, while fuzzing the IMAP parsing stack with Jazzer, we discovered that crafted APPEND and STATUS IMAP commands could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability has been patched in Apache James 3.6.1 and higher. • http://www.openwall.com/lists/oss-security/2022/01/04/3 https://www.openwall.com/lists/oss-security/2022/01/04/3 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-40110 – Apache James IMAP vulnerable to a ReDoS
https://notcve.org/view.php?id=CVE-2021-40110
In Apache James, using the Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable regular expression. This affected Apache James prior to 3.6.1. We recommend upgrading to Apache James 3.6.1 or higher, which enforces the use of the RE2J regular expression engine to execute regex in linear time without back-tracking. • http://www.openwall.com/lists/oss-security/2022/01/04/2 https://www.openwall.com/lists/oss-security/2022/01/04/2
CVE-2021-38542 – Apache James vulnerable to STARTTLS command injection (IMAP and POP3)
https://notcve.org/view.php?id=CVE-2021-38542
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in-the-middle command injection attacks, potentially leading to leakage of sensitive information. • http://www.openwall.com/lists/oss-security/2022/01/04/1 http://www.openwall.com/lists/oss-security/2022/09/20/1 https://www.openwall.com/lists/oss-security/2022/01/04/1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') • CWE-327: Use of a Broken or Risky Cryptographic Algorithm