Bugtraq mailing list archives

Re: Kerio Mail Server Multiple Security Vulnerabilities


From: Jaroslav Snajdr <jsnajdr () kerio com>
Date: Tue, 27 Aug 2002 17:44:30 +0200

Abraham Lincoln wrote:

> 1] Multiple DOS vulnerabilities with Kerio Mail Server services
>
> - By sending multiple "SYN" packets to every service of the mail
> server (POP3, SMTP, IMAP, Secure IMAP, POP3S, Web-mail, Secure
> Web-mail) it would stop the mail server services from responding.
> Sending a minimum of 5 SYN packets is enough to stop the service from
> responding and the service will be up again after several mins. This
> vulnerability consumes all resources of the system, which forces the
> service to stop responding.


Defense against this type of DOS attack is a job of the underlying operating system's TCP/IP stack. The following link contains information on how to enable SYN flooding protection on Windows NT, 2000 or XP:

http://www.microsoft.com/technet/security/prodtech/network/secdeny.asp

> 2] Cross-Site Scripting vulnerabilities
>
> - Kerio's Web-Mail contains multiple cross-site scripting
> vulnerabilities that could allow any user who's allowed to access the
> web-mail to execute malicious scripts. Even Secure Web-mail is
> affected by this vulnerability.


The author of the advisory was not able to provide us with any details on the XSS vulnerabilities he claims he found. The only information we got was a link to an XSS FAQ. Our internal testing did not reveal any security holes.

We resolved all claims in this advisory as bogus - they don't contain enough information to be of any value. There are no known and verified security vulnerabilities in Kerio MailServer 5 that would be known to us.

Jaroslav Snajdr
Kerio MailServer Development Team
Kerio Technologies
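The symptom the advisory describes (a handful of SYNs per mail service port leaving the service unresponsive) shows up on the host as a pile of half-open connections. The following detector, an added example that is not part of the original thread or of Kerio's code, counts SYN_RECV entries per local port from constructed netstat-style lines and flags the mail services named in the advisory; the port numbers for those services and the input format are assumptions.

```python
"""Flag mail-service ports with too many half-open (SYN_RECV) TCP connections,
the host-side symptom of the SYN-flood DoS claimed in the advisory."""
from collections import Counter

# Services named in the advisory mapped to their conventional ports (assumption).
MAIL_PORTS = {25: "SMTP", 80: "Web-mail", 110: "POP3", 143: "IMAP",
              443: "Secure Web-mail", 993: "Secure IMAP", 995: "POP3S"}

# Constructed sample in the shape "proto local foreign state", as netstat prints it.
SAMPLE_NETSTAT = """\
tcp 192.0.2.10:25 198.51.100.7:40001 SYN_RECV
tcp 192.0.2.10:25 198.51.100.7:40002 SYN_RECV
tcp 192.0.2.10:25 198.51.100.7:40003 SYN_RECV
tcp 192.0.2.10:25 198.51.100.7:40004 SYN_RECV
tcp 192.0.2.10:25 198.51.100.7:40005 SYN_RECV
tcp 192.0.2.10:110 203.0.113.5:51000 ESTABLISHED
tcp 192.0.2.10:143 203.0.113.9:52000 SYN_RECV
tcp 192.0.2.10:22 203.0.113.9:53000 ESTABLISHED
"""


def half_open_per_port(netstat_text):
    """Count SYN_RECV (half-open) connections per local port."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[3] != "SYN_RECV":
            continue
        port = int(fields[1].rsplit(":", 1)[1])  # local address is host:port
        counts[port] += 1
    return counts


def flooded_mail_services(netstat_text, threshold=5):
    """Return {service: half_open_count} for mail ports at or above threshold.
    The default threshold is the figure the advisory quotes (five SYNs); tune it
    to the listen backlog actually configured on the host."""
    counts = half_open_per_port(netstat_text)
    return {MAIL_PORTS[p]: n for p, n in counts.items()
            if p in MAIL_PORTS and n >= threshold}


if __name__ == "__main__":
    for service, n in flooded_mail_services(SAMPLE_NETSTAT).items():
        print(f"{service}: {n} half-open connections")
```

Whether five half-open connections is really enough to stall a service depends on the OS backlog and SYN-protection settings (the Windows registry options the reply links to), so the threshold is a starting point, not a fixed fact.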
