BID:9975

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

Info

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

Bugtraq ID:	9975
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 16 2004 12:00AM
Updated:	Mar 16 2004 12:00AM
Credit:	This issue was reported by the vendor.
Vulnerable:	Kerio Mailserver 5.7.6 Kerio Mailserver 5.7.5 Kerio Mailserver 5.7.4 Kerio Mailserver 5.7.3 Kerio Mailserver 5.7.2 Kerio Mailserver 5.7.1 Kerio Mailserver 5.7 .0

Not Vulnerable:	Kerio Mailserver 5.7.7

Discussion

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

Kerio has reported that MailServer is prone to a remotely exploitable buffer overrun condition.

This vulnerability exists in the spam filter component. If successfully exploited, this could permit remote attackers to execute arbitrary code in the context of the MailServer software. This could also cause a denial of service in the server.

Exploit / POC

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

Solution:
This issue was addressed with the release of Kerio MailServer 5.7.7.

Kerio Mailserver 5.7 .0

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.1

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.2

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.3

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.4

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.5

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

Kerio Mailserver 5.7.6

Kerio Kerio MailServer 5.7.7
http://www.kerio.com/kms_download.html

References

Kerio MailServer Spam Filter Buffer Overrun Vulnerability

References:

Kerio Homepage (Kerio)
Kerio MailServer History (Kerio)