MERCUR Mailserver SMTP / IMAP / POP3 Servers Remote Overflows

The remote Atrium MERCUR SMTP server mail server seems to be vulnerable to a remote buffer overflow. Successful exploitation of this vulnerability would give a remote attacker administrative access to the mail server and access to potentially confidential data. The IMAP and POP3 servers are...

Atrium Software Mercur Mailserver POP3 AUTH Remote Buffer Overflow Vulnerability

Description A problem has been reported in MERCUR Mailserver when handling the POP3 AUTH command. This problem may make it possible for an attacker crash the service on a vulnerable system, or gain unauthorized access. Technologies Affected Atrium Software MERCUR Mailserver 3.3.0 Atrium Software...

Atrium Software Mercur MailServer 3.34.04.2 - IMAP AUTH Remote Buffer Overflow

Atrium Software Mercur MailServer 3.34.04.2 - IMAP AUTH Remote Buffer Overflow source: https://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a...

Atrium Software Mercur MailServer 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow

source: https://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a buffer overrun. This problem may make it possible for an attacker to gain...

CVE-2003-0488

Multiple cross-site scripting XSS vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via 1 the addname parameter in the addacl module, or 2 the alias parameter in the domap module...

CVE-2003-0487

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via 1 a long showuser parameter in the dosubscribe module, 2 a long folder parameter in the addacl module, 3 a long folder parameter in the list...

CVE-2003-0488

Kerio MailServer 5.6.3 is affected by multiple XSS vulnerabilities (via add_name in add_acl and alias in do_map). OpenVAS/Nessus notes additional flaws across 5.x lines that could allow shell access or remote code execution, plus DoS in admin/login and a buffer overrun in the spam-filter path for

CVE-2003-0488

Multiple cross-site scripting XSS vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via 1 the addname parameter in the addacl module, or 2 the alias parameter in the domap module...

CVE-2003-0487

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via 1 a long showuser parameter in the dosubscribe module, 2 a long folder parameter in the addacl module, 3 a long folder parameter in the list...

CVE-2003-0487

Kerio MailServer 5.6.3 is affected by multiple buffer-overflow flaws that can be triggered by overly long parameters in specific modules (showuser in do_subscribe; folder in add_acl and list; user in do_map). These vulnerabilities allow remote authenticated users to cause a denial of service and,...

Kerio MailServer 5.6.3 - Remote Buffer Overflow

Kerio MailServer 5.6.3 - Remote Buffer Overflow / Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================= / / By B-r00t / / / / In response to the Kerio Mailserver vulnerabilities / / discovered by David F.Madrid. / / / / Although this exploit...

Kerio MailServer 5.6.3 Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ===================================================== Kerio MailServer 5.6.3 Remote Buffer Overflow Exploit ===================================================== / Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / /...

Kerio MailServer 5.6.3 - Remote Buffer Overflow

/ Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================= / / By B-r00t / / / / In response to the Kerio Mailserver vulnerabilities / / discovered by David F.Madrid. / / / / Although this exploit requires valid authentication / / details, it is...

kerio563.txt

/ Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================================= / / By B-r00t ok rcpt to: [email protected] 550 5.1.1 Mailbox does not exist rcpt to:[email protected] 250 2.1.5 Recipient ok local ok local user fred seems to...

Multiple buffer overflows and XSS in Kerio MailServer

Issue : Multiple buffer overflows and XSS in Kerio MailServer Version affected 5.6.3 last in kerio website Vendor status : Vendor was notified Description : Kerio develop a mail server with support for Imap , Pop3, Smtp and SSL protocols . Besides , it includes a webmail . This webmail is...

Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting

Kerio MailServer 5.6.3 - Web Mail ADDACL Module Cross-Site Scripting source: https://www.securityfocus.com/bid/7966/info Reportedly, Kerio Mailserver is vulnerable to a cross site-scripting attack. The vulnerability is present in the addacl module of the Kerio Mailserver web mail component. An...

Kerio WebMail < 5.7.7 Multiple Vulnerabilities

The remote host is running version 5 of the Kerio MailServer. There are multiple flaws in this interface that could allow an attacker with a valid webmail account on this host to obtain a shell on this host or to perform a cross-site-scripting attack against this host with a version prior to 5.6....

Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting

source: https://www.securityfocus.com/bid/7966/info Reportedly, Kerio Mailserver is vulnerable to a cross site-scripting attack. The vulnerability is present in the addacl module of the Kerio Mailserver web mail component. An attacker may exploit this vulnerability by enticing a victim user to...

Kerio MailServer 5.6.3 do_map Module - Overflow

Kerio MailServer 5.6.3 domap Module - Overflow source: https://www.securityfocus.com/bid/7967/info Multiple buffer overrun vulnerabilities have been discovered in Kerio MailServer, which affect the webmail component. The problem occurs when handling usernames of excessive length and likely occurs...

Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting

Kerio MailServer 5.6.3 - Web Mail DOMAP Module Cross-Site Scripting source: https://www.securityfocus.com/bid/7968/info Reportedly, Kerio Mailserver is vulnerable to a cross site-scripting attack. The vulnerability is present in the domap module of the Kerio Mailserver web mail component. An...