CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 0CVE-2006-6554
https://notcve.org/view.php?id=CVE-2006-6554
Unspecified vulnerability in Kerio MailServer before 6.3.1 allows remote attackers to cause a denial of service (segmentation fault and service stop) via certain long LDAP queries, as demonstrated by vd_kms6.pm. Vulnerabilidad no especificada en Kerio MailServer anteriores a 6.3.1 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y parada de servicio) mediante ciertas consultas LDAP largas, como ha demostrado vd_kms6.pm. • http://secunia.com/advisories/23364 http://www.kerio.com/kms_history.html http://www.securityfocus.com/archive/1/454455/100/0/threaded http://www.vupen.com/english/advisories/2006/4993 https://exchange.xforce.ibmcloud.com/vulnerabilities/30872 •
CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 5CVE-2006-6131 – Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-6131
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en (1) WSAdminServer y (2) WSWebServer en Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 y anteriores permite a atacantes remotos con privilegios webstar obtener privilegios de root mediante una librería de ayuda libucache.dylib maliciosa en el directorio de trabajo actual. • https://www.exploit-db.com/exploits/2788 http://secunia.com/advisories/22906 http://securityreason.com/securityalert/1921 http://securitytracker.com/id?1017239 http://www.digitalmunition.com/DMA%5B2006-1115a%5D.txt http://www.osvdb.org/30450 http://www.securityfocus.com/archive/1/451832/100/200/threaded http://www.securityfocus.com/bid/21123 http://www.vupen.com/english/advisories/2006/4539 https://exchange.xforce.ibmcloud.com/vulnerabilities/30308 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-5812
https://notcve.org/view.php?id=CVE-2006-5812
Unspecified vulnerability in Kerio MailServer allows attackers to cause a denial of service, as demonstrated by vd_kms4.pm, a "Kerio MailServer DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en Kerio MailServer permite a atacantes remotos provocar una denegación de servicio, como ha sido demostrado por vd_kms4.pm, una "Kerio MailServer DoS". NOTA: A partir del 08/11/2006, esta divulgación no tiene información accionable. • http://gleg.net/vulndisco_meta.shtml http://secunia.com/advisories/22861 http://securitytracker.com/id?1017171 https://exchange.xforce.ibmcloud.com/vulnerabilities/30145 •
CVSS: 5.0EPSS: 2%CPEs: 42EXPL: 0CVE-2006-5420
https://notcve.org/view.php?id=CVE-2006-5420
Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses. Kerio WinRoute Firewall 6.2.2 y anteriores permite a un atacante remoto provocar denegación de servicio (caida) a través de respuestas DNS mal formadas. • http://secunia.com/advisories/22986 http://securitytracker.com/id?1017067 http://www.kerio.com/kwf_history.html http://www.securityfocus.com/bid/20584 http://www.vupen.com/english/advisories/2006/4056 https://exchange.xforce.ibmcloud.com/vulnerabilities/29629 •
CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 2CVE-2006-5153
https://notcve.org/view.php?id=CVE-2006-5153
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors. Los drivers (1) fwdrv.sys y (2) khips.sys en Sunbelt Kerio Personal Firewall 4.3.268 y anteriores no validan los argumentos pasados a través de funciones SSDT, incluyendo NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, y NtSetInformationFile, lo cual permite a usuarios locales provocar una denegación de servicio (caída) y posiblemente otros impactos mediante vectores no especificados. • http://secunia.com/advisories/22234 http://securityreason.com/securityalert/1685 http://securitytracker.com/id?1016967 http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.securityfocus.com/archive/1/447504/100/0/threaded http://www.securityfocus.com/bid/20299 http://www.vupen.com/english/advisories/2006/3872 https://exchange.xforce.ibmcloud.com/vulnerabilities/29313 •