Kerio MailServer < 6.0.9 Malformed Email DoS

Nessus Network Monitor Plugin ID 2834 (Severity: Medium)

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of Kerio MailServer prior to 6.0.9. An undisclosed flaw in this version might allow an attacker to exhaust resources on the Kerio MailServer, impacting its availability.

Solution

Upgrade to Kerio MailServer 6.0.9 or higher.

Plugin Details

Severity: Medium

ID: 2834

File Name: 2834.prm

Family: SMTP Servers

Published: 2005/04/18

Modified: 2016/01/21

Dependencies: 2004, 2005

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2005-1138

BID: 13180