Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1158

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-1158
Last Modified 07 Mar 2011 09:32:12
Published 12 Mar 2006 03:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1158

Summary

Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command.

Vulnerable Systems

Application

  • Kerio Mailserver 5.6.4

  • Kerio Mailserver 5.6.5

  • Kerio Mailserver 5.7.0

  • Kerio Mailserver 5.7.1

  • Kerio Mailserver 5.7.10

  • Kerio Mailserver 5.7.2

  • Kerio Mailserver 5.7.3

  • Kerio Mailserver 5.7.4

  • Kerio Mailserver 5.7.5

  • Kerio Mailserver 5.7.6

  • Kerio Mailserver 5.7.7

  • Kerio Mailserver 5.7.8

  • Kerio Mailserver 5.7.9

  • Kerio Mailserver 6.0

  • Kerio Mailserver 6.0.0

  • Kerio Mailserver 6.0.1

  • Kerio Mailserver 6.0.2

  • Kerio Mailserver 6.0.3

  • Kerio Mailserver 6.0.4

  • Kerio Mailserver 6.0.5

  • Kerio Mailserver 6.0.6

  • Kerio Mailserver 6.0.7

  • Kerio Mailserver 6.0.8

  • Kerio Mailserver 6.1.3 Patch 1


References

CONFIRM - http://www.kerio.com/kms_history.html

SECUNIA - 19150

XF - kerio-mailserver-imap-dos(25150)

VUPEN - ADV-2006-0898

BID - 17043

BUGTRAQ - 20060313 Kerio MailServer bugfun

OSVDB - 23772

SECTRACK - 1015748


Last Updated: 27 May 2016 10:41:56