Family: Denial of Service --> Category: infos
Kerio MailServer Webmail Resource Exhaustion Vulnerability Scan
Vulnerability Scan Summary
Checks for Kerio MailServer < 6.0.9
Detailed Explanation for this Vulnerability Test
The remote mail server is prone to a denial of service attack.
According to its banner, the remote host is running a version of Kerio
MailServer prior to 6.0.9. Such versions may be subject to hangs or
high CPU usage when malformed email messages are viewed through its
WebMail component. An attacker may be able to leverage this issue to deny
service to legitimate users simply by sending a specially-crafted
message and having that message viewed by someone using Kerio WebMail.
Upgrade to Kerio MailServer 6.0.9 or newer.
Low / CVSS Base Score : 2