Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0487

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0487
Last Modified 05 Sep 2008 04:34:26
Published 07 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0487

Summary

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.

Vulnerable Systems

Application

  • Kerio Mailserver 5.6.3


References

BID - 7967

XF - kerio-multiple-modules-bo(12368)

MISC - http://nautopia.org/vulnerabilidades/kerio_mailserver.htm

BUGTRAQ - 20030618 Multiple buffer overflows and XSS in Kerio MailServer


Last Updated: 27 May 2016 10:37:56