322 matches found
CVE-2005-1138
Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service CPU consumption via certain e-mail messages...
[SA14943] Kerio MailServer Unspecified WebMail Email Viewing Denial of Service
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Kerio MailServer Unspecified WebMail Email Viewing...
Kerio MailServer < 6.0.9 Malformed Email DoS
Binary data 2834.prm...
CVE-2005-1138
CVE-2005-1138 refers to an unknown vulnerability in the WebMail component of Kerio MailServer prior to 6.0.9 that can cause a denial of service via certain e‑mail messages. Multiple sources (NVD, CVE List, and Nessus plugin) describe it as a resource exhaustion/CPU consumption issue when malforme...
CVE-2005-1138
Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service CPU consumption via certain e-mail messages...
Kerio MailServer Webmail Malformed Email Handling Resource Exhaustion DoS
According to its banner, the remote host is running a version of Kerio MailServer prior to 6.0.9. Such versions may be subject to hangs or high CPU usage when malformed email messages are viewed through its WebMail component. An attacker may be able leverage this issue to deny service to legitima...
CVE-2004-1023
Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folde...
CVE-2004-2441
Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related to a "potential security issue."...
CVE-2004-1023
Affected software: Kerio Winroute Firewall (<6.0.9), ServerFirewall (<1.0.1), and MailServer (
CVE-2004-1022
Kerio products Kerio WinRoute Firewall (before 6.0.7), ServerFirewall (before 1.0.1), and MailServer (before 6.0.5) store passwords using a symmetric encryption scheme. The vulnerability arises because the secret key is extractable from the software, enabling an attacker to decrypt the user datab...
CVE-2004-1023
Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folde...
Kerio MailServer < 6.0.3 Unspecified Vulnerability
The remote host is running a version of Kerio MailServer prior to 6.0.3. There is an undisclosed flaw in the remote version of this server that might allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid15404;...
Kerio MailServer < 6.0.3 Unspecified Code Execution
Binary data 2340.prm...
Atrium MERCUR Mailserver Local Traversal Arbitrary File Access
Binary data 1089.prm...
Kerio Mailserver Embedded HTTP Server Multiple Unspecified Vulnerabilities
Binary data 1725.prm...
Kerio MailServer < 6.6.2 Patch 3 / 6.7.0 Patch 1 XSS
Binary data 5048.prm...
Kerio MailServer < 6.0.1 Embedded HTTP Server Unspecified Issue
The remote host is running a version of Kerio MailServer prior to 6.0.1. Kerio Mailserver is an SMTP server that ships with an embedded HTTP server. It has been reported that there are multiple remote overflows in versions of Kerio prior to 6.0.1, although the exact nature of these overflows is n...
Kerio Mailserver buffer overflow
SPAM filter buffer overflow...
CVE-2003-1322
Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long 1 EXAMINE, 2 DELETE, 3 SUBSCRIBE, 4 RENAME, 5 UNSUBSCRIBE, 6 LIST, 7 LSUB, 8 STATUS, 9 LOGIN, 10 CREATE, or 11 SELECT command...
CVE-2003-1177
Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long 1 AUTH command to the POP3 server or 2 AUTHENTICATE command to the IMAP server...