Page 3 of 16 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0

The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods. • http://research.tic.udc.es/scg/advisories/20050429-1.txt http://www.kerio.com/security_advisory.html http://www.securityfocus.com/archive/1/397221 •

CVSS: 5.0EPSS: 0%CPEs: 25EXPL: 0

The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." • http://research.tic.udc.es/scg/advisories/20050429-2.txt http://www.kerio.com/security_advisory.html http://www.securityfocus.com/archive/1/397220 •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 0

Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service (CPU consumption) via certain e-mail messages. • http://securitytracker.com/id?1013708 http://www.kerio.com/kms_history.html •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related to a "potential security issue." • http://secunia.com/advisories/12702 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/11300 https://exchange.xforce.ibmcloud.com/vulnerabilities/17601 •

CVSS: 2.1EPSS: 0%CPEs: 53EXPL: 0

Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords by extracting the secret key from within the software. Kerio Winroute Firewall anteriores a 6.0.7, ServerFirewall anteriores a 1.0.1, y MailServer anteriores a 6.0.5 usan cifrado simétrico para contraseñas de usuario, lo que permite a atacantes descifrar la base de datos de usuarios y obtener las contraseñas extrayendo la clave secreta del software. • http://marc.info/?l=bugtraq&m=110304957607578&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18470 •