EIP-2026-115516

PRE-CVE

Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115516. PoCs published by Evgeny Legerov.

AI-analyzed exploit summary This Python script exploits a denial-of-service vulnerability in Kerio MailServer 6.2.2 by sending a malformed LDAP request, causing a segmentation fault in the LDAPSearchRequest::parsePagedResults function. The exploit triggers a crash due to improper handling of network traffic.

Description

Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Evgeny Legerov · pythondoswindows

https://www.exploit-db.com/exploits/29039

View Code ZIP pw:eip

This Python script exploits a denial-of-service vulnerability in Kerio MailServer 6.2.2 by sending a malformed LDAP request, causing a segmentation fault in the LDAPSearchRequest::parsePagedResults function. The exploit triggers a crash due to improper handling of network traffic.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Kerio MailServer 6.2.2

No auth needed

Prerequisites: Network access to the target's LDAP port (389)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026