PT-2011-3173 · Kerio · Kerio Mailserver+1
Wietse Venema
·
Published
2011-03-22
·
Updated
2017-08-17
·
CVE-2011-1506
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Kerio Connect versions 7.1.4 build 2985
Kerio MailServer versions 6.x
Description
The issue is related to a "plaintext command injection" attack, where the STARTTLS implementation does not properly restrict I/O buffering. This allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place.
Recommendations
For Kerio Connect version 7.1.4 build 2985, consider updating to a newer version that addresses the issue with I/O buffering in the STARTTLS implementation.
For Kerio MailServer version 6.x, consider updating to a newer version that addresses the issue with I/O buffering in the STARTTLS implementation.
As a temporary workaround, consider restricting access to the SMTP service to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kerio Connect
Kerio Mailserver