Vulnerabilities

Vulnerability Description
Bash vulnerability CVE-2014-6271, CVE-2014-7169 (ShellShock)

The Shellshock vulnerability (also known as CVE-2014-6271 and CVE-2014-7169) is a security bug affecting Unix-like operating systems through the Bash shell.

For information on its impact on Kerio products, read the Bash vulnerability CVE-2014-6271, CVE-2014-7169 (ShellShock) article.

Linux Glibc vulnerability CVE-2015-7547

A vulnerability has been found in the Linux glibc system library. An attacker can gain root access to the server and execute code.

For more details on its impact on Kerio products, read the Linux Glibc vulnerability CVE-2015-7547 article.

Linux vulnerability CVE-2015-0235 (GHOST)

There is a vulnerability in the Linux glibc system library. An attacker can exploit this vulnerability to gain root access to your server and execute code.

For more details on its impact on Kerio products, read the Linux vulnerability CVE-2015-0235 (GHOST) article.

OpenSSL vulnerability CVE-2014-0160 (Heartbleed)

The National Institute of Standards and Technology (NIST) has published a vulnerability in OpenSSL 1.0.1. Details regarding the vulnerability are available from the NIST website. Kerio Operator 2.2.0 up to 2.2.4 used the affected version of the OpenSSL library. A fix is available for Kerio Operator as of version 2.2.5. You can download this release from the Kerio website.

For additional information and security precautions, read the OpenSSL vulnerability CVE-2014-0160 article.

SSL 3.0 vulnerability CVE-2014-3566 and POODLE

This vulnerability is a flaw in the protocol design. An attacker who controls the network between the client and the server can interfere with any attempted handshake offering TLS 1.0 or later and force both client and server to use the SSL 3.0 protocol instead. They can then use other attack techniques (e.g. the BEAST attack) to decipher transmitted data.

For information on its impact on Kerio products, read the SSL 3.0 vulnerability CVE-2014-3566 (POODLE) article.