BID:21602

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

Info

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

Bugtraq ID:	21602
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Nov 15 2006 12:00AM
Updated:	Nov 15 2006 12:00AM
Credit:	GLEG Ltd is credited with the discovery of this vulnerability.
Vulnerable:	Kerio Mailserver 6.3.1 Kerio Mailserver 6.2.2 Kerio Mailserver 6.1.3 Kerio Mailserver 6.0.10 Kerio Mailserver 6.0.9 Kerio Mailserver 6.0.5 Kerio Mailserver 6.0.4 Kerio Mailserver 6.0.3 Kerio Mailserver 6.0.2 Kerio Mailserver 6.0.1 Kerio Mailserver 6.0 Kerio Mailserver 5.7.10 Kerio Mailserver 5.7.9 Kerio Mailserver 5.7.8 Kerio Mailserver 5.7.7 Kerio Mailserver 5.7.6 Kerio Mailserver 5.7.5 Kerio Mailserver 5.7.4 Kerio Mailserver 5.7.3 Kerio Mailserver 5.7.2 Kerio Mailserver 5.7.1 Kerio Mailserver 5.7 .0 Kerio Mailserver 5.6.5 Kerio Mailserver 5.6.4 Kerio Mailserver 5.6.3 Kerio Mailserver 5.1.1 Kerio Mailserver 5.1 Kerio Mailserver 5.0 Kerio Mailserver 6.1.3 Patch 1

Not Vulnerable:

Discussion

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

Kerio MailServer is prone to an unspecified denial-of-service vulnerability due to a flaw when handling malformed network traffic.

Successful exploits will result in denial-of-service conditions.

This issue is distinct from the one reported in BID 21091 (Kerio MailServer Remote LDAP Denial of Service Vulnerability).

Exploit / POC

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected].

Solution / Fix

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

References

Kerio MailServer Remote Unspecified LDAP Denial of Service Vulnerability

References:

Kerio Homepage (Kerio)