Kerio_MailServer_IMAP_LOGIN_Denial_of_Service_attack

Strike ID:
G06-3w601
CVSS:
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
False Positive:
t
Variants:
1
Year:
2006

Description

A denial of service vulnerability has been identified in the Kerio MailServer product. The flaw exists in the processing of IMAP commands: by sending a crafted LOGIN command to the target, an unauthenticated attacker can terminate the Kerio MailServer process. On Linux, a successful attack terminates the mail server process; all established connections to the product are reset, and all mail services remain unavailable until the server is restarted. On Windows, the exception causes a notification window to be shown on the server console while the other server processes continue to execute; the server process terminates once a user acknowledges the exception notification window. Because on Windows the process keeps running until that window is acknowledged, an attacker who can launch the attack from 10 different IP addresses reaches the maximum concurrent connection limit of the IMAP service after 100 attacks from each address, and the IMAP service then accepts no further connections.
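The attack pattern above (repeated LOGIN commands from a handful of sources, with the abandoned connections piling up until the IMAP connection ceiling is hit) is what a mail-server log would show. The following detection helper is an added example, not code from this entry or from Kerio: it reads a constructed log format (not Kerio's real one; adapt LINE_RE to the logs you have), flags any source that issues LOGIN in a burst, and raises a second alert when the number of simultaneously open IMAP connections approaches the service ceiling. The ceiling of 1000 (10 sources x 100 connections) and the thresholds are assumptions chosen to match the description, not values taken from the product.

```python
"""Added example: detection logic for the IMAP LOGIN flood / connection
exhaustion pattern described in the entry. Log format, thresholds and the
1000-connection ceiling are assumptions for this example."""
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format (NOT Kerio's real format):
#   2006-01-01 12:00:00 imap[17] 203.0.113.1 LOGIN
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"imap\[(?P<conn>\d+)\] (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"(?P<event>connect|LOGIN|disconnect)$"
)


def parse_log(lines):
    """Yield (timestamp, connection id, client ip, event) per well-formed line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            yield ts, int(m["conn"]), m["ip"], m["event"]


def analyze(lines, window=timedelta(seconds=60), per_ip_login_threshold=20,
            max_connections=1000, exhaustion_fraction=0.9):
    """Return alerts raised, the peak number of open connections, and which
    sources still hold connections open at the end of the log."""
    open_conns = {}                      # conn id -> ip, not yet disconnected
    recent_logins = defaultdict(deque)   # ip -> LOGIN timestamps inside window
    flooding = set()                     # sources already reported
    alerts = []
    peak_open = 0
    exhaustion_reported = False

    for ts, conn, ip, event in parse_log(lines):
        if event == "connect":
            open_conns[conn] = ip
        elif event == "disconnect":
            open_conns.pop(conn, None)
        elif event == "LOGIN":
            hist = recent_logins[ip]
            hist.append(ts)
            while hist and ts - hist[0] > window:   # slide the window
                hist.popleft()
            if len(hist) >= per_ip_login_threshold and ip not in flooding:
                flooding.add(ip)
                alerts.append(("login_flood", ip, ts.isoformat()))

        peak_open = max(peak_open, len(open_conns))
        if (not exhaustion_reported
                and len(open_conns) >= max_connections * exhaustion_fraction):
            exhaustion_reported = True
            alerts.append(("connection_exhaustion", len(open_conns), ts.isoformat()))

    return {"alerts": alerts, "peak_open": peak_open,
            "open_by_ip": Counter(open_conns.values())}


def attack_log(n_sources=10, per_source=100, start=datetime(2006, 1, 1, 12, 0, 0)):
    """Constructed log reproducing the entry's scenario: each source opens
    `per_source` connections, sends one LOGIN on each, and never disconnects
    because the server side is stuck behind the exception notification."""
    lines, conn = [], 1
    for i in range(per_source):
        ts = (start + timedelta(seconds=i)).strftime("%Y-%m-%d %H:%M:%S")
        for s in range(n_sources):
            ip = f"203.0.113.{s + 1}"
            lines.append(f"{ts} imap[{conn}] {ip} connect")
            lines.append(f"{ts} imap[{conn}] {ip} LOGIN")
            conn += 1
    return lines


def benign_log(start=datetime(2006, 1, 1, 12, 0, 0)):
    """Constructed log of ordinary clients: connect, LOGIN, disconnect."""
    lines = []
    for n, ip in enumerate(["198.51.100.7", "198.51.100.8", "198.51.100.9"], start=1):
        t0 = (start + timedelta(minutes=n)).strftime("%Y-%m-%d %H:%M:%S")
        t1 = (start + timedelta(minutes=n, seconds=30)).strftime("%Y-%m-%d %H:%M:%S")
        lines += [f"{t0} imap[{n}] {ip} connect",
                  f"{t0} imap[{n}] {ip} LOGIN",
                  f"{t1} imap[{n}] {ip} disconnect"]
    return lines


if __name__ == "__main__":
    for name, log in (("benign", benign_log()), ("attack", attack_log())):
        r = analyze(log)
        print(name, "peak open:", r["peak_open"], "alerts:", r["alerts"][:3])
```

The login-flood signal fires once per source when it crosses the threshold inside the sliding window; the exhaustion signal fires once when open connections reach 90% of the assumed ceiling, which gives an operator warning before the service stops accepting connections. On the constructed attack log the analysis reports ten flooding sources and a peak of 1000 open connections; the benign log produces no alerts.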

CVE

References

Bid