Description
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.
Exploits (5)
exploitdb · WORKING POC · VERIFIED · by David F. Madrid · text · dos · linux · https://www.exploit-db.com/exploits/22800
exploitdb · WORKING POC · VERIFIED · by David F. Madrid · text · dos · linux · https://www.exploit-db.com/exploits/22802
exploitdb · WORKING POC · VERIFIED · by David F. Madrid · text · dos · linux · https://www.exploit-db.com/exploits/22803
exploitdb · WORKING POC · VERIFIED · by David F. Madrid · text · dos · linux · https://www.exploit-db.com/exploits/22801
References (4)
Scores
EPSS: 0.2079
EPSS Percentile: 95.6%
Details
Status: published
Products (1): kerio/kerio_mailserver 5.6.3
Published: Aug 07, 2003
Tracked Since: Feb 18, 2026