Multiple buffer overrun vulnerabilities in Kerio MailServer webmail component

vendor:

Kerio MailServer

by:

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Kerio MailServer

Affected Version From:

Affected Version To:

Patch Exists: YES

Related CWE:

CPE: a:kerio:mailserver

Metasploit:

Other Scripts:

Platforms Tested:

Multiple buffer overrun vulnerabilities in Kerio MailServer webmail component

The vulnerability occurs when handling usernames of excessive length and likely occurs due to insufficient bounds checking. Successful exploitation could potentially result in the execution of arbitrary code with the privileges of the Kerio MailServer process.

Mitigation:

It is recommended to update to the latest version of Kerio MailServer which includes a patch for this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7967/info
   
Multiple buffer overrun vulnerabilities have been discovered in Kerio MailServer, which affect the webmail component. The problem occurs when handling usernames of excessive length and likely occurs due to insufficient bounds checking. Due to the similarity of these issues it has been conjectured that the root of the problem may be a single function used to handle all affected procedures.
   
Successful exploitation of this vulnerability could potentially result in the execution of arbitrary code, with the privileges of the Kerio MailServer process.

http://[Server]/do_map?
action=new&oldalias=eso&alias=aaa&folder=public&user=AAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA