osc - the open source company
21
OKT
2018
Kerio Connect - sensitive information disclosure

GFI Kerio Connect – sensitive information disclosure in every sent email

Kerio Connect 9.2.7 and older adds the following sensitive informations to every email header: Received: from [{mailserver}] ([{mailserver}]) (authenticated user {full user}) by mailserver ({full version number}) with ESMTPSA Since {full version number} is a problematic thing...