Vulnerabilities > Kerio > Kerio Mailserver > High

DATE CVE VULNERABILITY TITLE RISK
2008-02-21 CVE-2008-0858 Code Injection vulnerability in multiple products
Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
kerio visnetic CWE-94
7.5
2006-03-12 CVE-2006-1158 Remote Denial of Service vulnerability in Kerio MailServer
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command.
network
low complexity
kerio
7.8
2005-05-02 CVE-2005-1062 Remote Security vulnerability in Kerio products
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods.
network
low complexity
kerio
7.5
2003-08-07 CVE-2003-0487 Remote Username Buffer Overrun vulnerability in Kerio Mailserver 5.6.3
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.
network
low complexity
kerio
7.5