CVE-2008-0858
https://notcve.org/view.php?id=CVE-2008-0858
Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de desbordamiento de búfer en el Plugin Visnetic anti-virus en Kerio MailServer anterior a la v6.5.0, podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://secunia.com/advisories/29021 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/27868 http://www.securitytracker.com/id?1019428 http://www.vupen.com/english/advisories/2008/0594 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2008-0859
https://notcve.org/view.php?id=CVE-2008-0859
Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption. Vulnerabilidad sin especificar en Kerio MailServer vesiones anteriores a 6.5.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores no especificados relacionados con la decodificación de una entrada UUencoded, lo cual dispara una corrupción de memoria. • http://secunia.com/advisories/29021 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/27868 http://www.securitytracker.com/id?1019428 http://www.vupen.com/english/advisories/2008/0594 • CWE-399: Resource Management Errors •
CVE-2008-0860
https://notcve.org/view.php?id=CVE-2008-0860
Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs. Vulnerabilidad no especificada en el Plugin AVG en Kerio MailServer anterior 6.5.0, tiene un impacto no especificado a través de vetores de ataque remotos relacionados con las DACLs vacías. • http://secunia.com/advisories/29021 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/27868 http://www.securitytracker.com/id?1019428 http://www.vupen.com/english/advisories/2008/0594 •
CVE-2007-6385
https://notcve.org/view.php?id=CVE-2007-6385
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. El servidor proxy en Kerio WinRoute Firewall anterior a 6.4.1 no hace cumplir la autenticación para páginas HTTPS, lo cual tiene impacto y vectores de ataque desconocidos. NOTA: no está claro si este asunto atraviesa fronteras de privilegios. • http://osvdb.org/42122 http://secunia.com/advisories/28072 http://www.kerio.com/kwf_history.html http://www.securityfocus.com/bid/26851 http://www.securitytracker.com/id?1019095 http://www.vupen.com/english/advisories/2007/4212 https://exchange.xforce.ibmcloud.com/vulnerabilities/39020 • CWE-287: Improper Authentication •
CVE-2007-3993
https://notcve.org/view.php?id=CVE-2007-3993
Unspecified vulnerability in the attachment filter in Kerio MailServer before 6.4.1 has unknown impact and remote attack vectors. Vulnerabilidad no especificada en el filtro de adjuntos en Kerio MailServer anterior 6.4.1 tiene un impacto desconocido y vectores de ataque remotos. • http://osvdb.org/38571 http://secunia.com/advisories/26185 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/25038 http://www.securitytracker.com/id?1018453 http://www.vupen.com/english/advisories/2007/2637 https://exchange.xforce.ibmcloud.com/vulnerabilities/35618 •