Kerio WebMail < 5.7.7 Multiple Vulnerabilities

high Nessus Plugin ID 11763

Synopsis

The remote server is vulnerable to several flaws.

Description

The remote host is running version 5 of the Kerio MailServer.

On hosts running a version prior to 5.6.4, multiple flaws in the webmail interface could allow an attacker with a valid webmail account to obtain a shell on the host or to perform a cross-site scripting attack against it.

Versions of MailServer prior to 5.6.5 are also prone to a denial of service condition when an incorrect login to the admin console occurs. This could cause the server to crash.

Versions of MailServer prior to 5.7.7 are prone to a remotely exploitable buffer overrun condition. This vulnerability exists in the spam filter component. If successfully exploited, this could permit remote attackers to execute arbitrary code in the context of the MailServer software. This could also cause a denial of service in the server.

*** This might be a false positive, as Nessus did not have
*** the proper credentials to determine if the remote Kerio
*** is affected by this flaw.

Solution

Upgrade to Kerio MailServer 5.7.7 or newer.

Plugin Details

Severity: High

ID: 11763

File Name: kerio_webmail_multiple_flaws.nasl

Version: 1.31

Type: remote

Family: CGI abuses

Published: 6/18/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:kerio:kerio_mailserver

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/19/2002

Reference Information

CVE: CVE-2002-1434, CVE-2003-0487, CVE-2003-0488

BID: 5507, 7966, 7967, 7968, 8230, 9975

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990