Kerio MailServer < 6.0.1 Embedded HTTP Server Unspecified Issue
Critical Nessus Plugin ID 14279
SynopsisThe remote mail server has an unspecified vulnerability.
DescriptionThe remote host is running a version of Kerio MailServer prior to 6.0.1. Kerio Mailserver is an SMTP server that ships with an embedded HTTP server.
It has been reported that there are multiple remote overflows in versions of Kerio prior to 6.0.1, although the exact nature of these overflows is not yet known.
Note that Nessus determined this vulnerability exists based solely on the version in the received banner. If the host is running obfuscated banners, this may be a false positive.
SolutionUpgrade to Kerio MailServer 6.0.1 or later.