Intrusion Prevention

IMAP.LOGIN.Large.Memory.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in Kerio MailServer.
The vulnerability is caused by the application's inability to properly handle malformed arguments to the IMAP LOGIN command. It may allow a remote attacker to cause the server to crash and result in a denial-of-service condition.

Affected Products

Kerio Mailserver 6.1.3
Kerio Mailserver 6.0.10
Kerio Mailserver 6.0.9
Kerio Mailserver 6.0.5
Kerio Mailserver 6.0.4
Kerio Mailserver 6.0.3
Kerio Mailserver 6.0.2
Kerio Mailserver 6.0.1
Kerio Mailserver 6.0
Kerio Mailserver 5.7.10
Kerio Mailserver 5.7.9
Kerio Mailserver 5.7.8
Kerio Mailserver 5.7.7
Kerio Mailserver 5.7.6
Kerio Mailserver 5.7.5
Kerio Mailserver 5.7.4
Kerio Mailserver 5.7.3
Kerio Mailserver 5.7.2
Kerio Mailserver 5.7.1
Kerio Mailserver 5.7 .0
Kerio Mailserver 5.6.5
Kerio Mailserver 5.6.4
Kerio Mailserver 5.6.3
Kerio Mailserver 5.1.1
Kerio Mailserver 5.1

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version of Kerio MailServer (6.1.3 Patch 1 or later):
http://www.kerio.com/kms_download.html