Best-practices for securing Kerio Connect, SSL certificate queries
Overview When Kerio Connect is installed on a Windows® operating system (OS) alongside a third-party Antivirus or Backup software, it is important to exclude certain folders from the real-time scannin...
Summary The shellshock vulnerability (CVE-2014-6271 and CVE-2014-7169) is a security bug affecting Unix-like operating systems through the Bash shell. Many Linux distributions and Mac OS X include t...
Answer Overview The reported vulnerability is a Clickjacking vulnerability and is present in the email preview feature of Kerio Connect version 8 and version 9. The vulnerability is a risk to users th...
Answer Last updated on February 17, 2016 @ 18:00 GMT Overview Vulnerability in Linux glibc system library can be exploited to gain root access to the server and execute a code. A special crafted DNS r...
Answer Overview Vulnerability in Linux glibc system library can be exploited to gain root access to the server and execute a code. Kerio Connect Affected systems All Linux systems supported by Kerio ...
Answer Overview October 6, 2014 The reported vulnerability is a local file inclusion vulnerability affecting the webmail feature of the Kerio Connect product. Exploitation of this vulnerability can le...
Answer Kerio Connect This vulnerability affects: Kerio Connect 8.2.0 (32-bit, 64-bit) Kerio Connect 8.2.1 (32-bit, 64-bit) Kerio Connect 8.2.2 (32-bit, 64-bit) Kerio Connect 8.2.3 (32-bit, 64-bit) Ker...
Answer Overview Cross-site scripting (XSS) vulnerability in the redirect page on the Kerio Connect 8.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via specially crafte...
Overview This vulnerability is a flaw in protocol design. An attacker that controls the network between the client and the server can interfere with any attempted handshake offering TLS 1.0 or later a...
Answer Overview October 6, 2014 The reported vulnerability involves a stored XSS vulnerability present in the calendar feature of Kerio Connect 8.1. An authenticated user triggers the vulnerability ...
