CVE-2004-1022

Published: Jan 10, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords by extracting the secret key from within the software.

Affected (53)

Products: Kerio: Kerio Mailserver, Serverfirewall, Winroute Firewall

3 products

Configuration A

53 vulnerable

Vulnerable Software	Affected Versions
Kerio Kerio Mailserver	Version 5.0
Kerio Kerio Mailserver	Version 5.1.1
Kerio Kerio Mailserver	Version 5.1
Kerio Kerio Mailserver	Version 5.6.3
Kerio Kerio Mailserver	Version 5.6.4
Kerio Kerio Mailserver	Version 5.6.5
Kerio Kerio Mailserver	Version 5.7.0
Kerio Kerio Mailserver	Version 5.7.10
Kerio Kerio Mailserver	Version 5.7.1
Kerio Kerio Mailserver	Version 5.7.2
Kerio Kerio Mailserver	Version 5.7.3
Kerio Kerio Mailserver	Version 5.7.4
Kerio Kerio Mailserver	Version 5.7.5
Kerio Kerio Mailserver	Version 5.7.6
Kerio Kerio Mailserver	Version 5.7.7
Kerio Kerio Mailserver	Version 5.7.8
Kerio Kerio Mailserver	Version 5.7.9
Kerio Kerio Mailserver	Version 6.0.1
Kerio Kerio Mailserver	Version 6.0.2
Kerio Kerio Mailserver	Version 6.0.3
Kerio Kerio Mailserver	Version 6.0.4
Kerio Kerio Mailserver	Version 6.0
Kerio Serverfirewall	Version 1.0
Kerio Winroute Firewall	Version 5.0.1
Kerio Winroute Firewall	Version 5.0.2
Kerio Winroute Firewall	Version 5.0.3
Kerio Winroute Firewall	Version 5.0.4
Kerio Winroute Firewall	Version 5.0.5
Kerio Winroute Firewall	Version 5.0.6
Kerio Winroute Firewall	Version 5.0.7
Kerio Winroute Firewall	Version 5.0.8
Kerio Winroute Firewall	Version 5.0.9
Kerio Winroute Firewall	Version 5.1.10
Kerio Winroute Firewall	Version 5.1.1
Kerio Winroute Firewall	Version 5.1.2
Kerio Winroute Firewall	Version 5.1.3
Kerio Winroute Firewall	Version 5.1.4
Kerio Winroute Firewall	Version 5.1.5
Kerio Winroute Firewall	Version 5.1.6
Kerio Winroute Firewall	Version 5.1.7
Kerio Winroute Firewall	Version 5.1.8
Kerio Winroute Firewall	Version 5.1.9
Kerio Winroute Firewall	Version 5.10
Kerio Winroute Firewall	Version 5.1
Kerio Winroute Firewall	Version 6.0.1
Kerio Winroute Firewall	Version 6.0.2
Kerio Winroute Firewall	Version 6.0.3
Kerio Winroute Firewall	Version 6.0.4
Kerio Winroute Firewall	Version 6.0.5
Kerio Winroute Firewall	Version 6.0.6
Kerio Winroute Firewall	Version 6.0.7
Kerio Winroute Firewall	Version 6.0.8
Kerio Winroute Firewall	Version 6.0

References (4)

http://marc.info/?l=bugtraq&m=110304957607578&w=2

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/18470

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110304957607578&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/18470

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.