Kerio MailServer SPAM Filter Has Buffer Overflow
|
|
SecurityTracker Alert ID: 1009547
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 24 2004
|
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 5.7.7
|
Description: A buffer overflow vulnerability was reported in the Kerio MailServer. The impact was not disclosed.
The vendor reported that there is a buffer overflow in the mail server's SPAM filter. No further details were provided.
|
Impact: The impact was not disclosed.
[Editor's note: For classification purposes, we have categorized this vulnerability using the typical impacts for buffer overflow vulnerabilities.]
|
Solution: The vendor has released a fixed version (5.7.7), available at:
http://www.kerio.com/kms_download.html
|
Vendor URL: www.kerio.com/kms_home.html (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (NT), Windows (2000), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 24 Mar 2004 10:56:36 -0500
Subject: http://www.kerio.com/kms_history.html
|
http://www.kerio.com/kms_history.html
> Version 5.7.7 - March 16, 2004
> - Fixed buffer overflow in spam filter
|
|
