Search criteria
33 vulnerabilities found for personal_firewall by kerio
CVE-2003-1491 (GCVE-0-2003-1491)
Vulnerability from cvelistv5 – Published: 2007-10-24 23:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7436",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7436",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"name": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1491",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5153 (GCVE-0-2006-5153)
Vulnerability from cvelistv5 – Published: 2006-10-03 23:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1685"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1685"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1685"
},
{
"name": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5153",
"datePublished": "2006-10-03T23:00:00",
"dateReserved": "2006-10-03T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3787 (GCVE-0-2006-3787)
Vulnerability from cvelistv5 – Published: 2006-07-21 21:00 – Updated: 2024-08-07 18:39
VLAI?
Summary
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:54.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2828",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18996"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2828",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18996"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2828",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18996"
},
{
"name": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3787",
"datePublished": "2006-07-21T21:00:00",
"dateReserved": "2006-07-21T00:00:00",
"dateUpdated": "2024-08-07T18:39:54.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2161 (GCVE-0-2002-2161)
Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-09-17 00:30
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9963.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9963.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9963.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2161",
"datePublished": "2005-11-16T21:17:00Z",
"dateReserved": "2005-11-16T00:00:00Z",
"dateUpdated": "2024-09-17T00:30:47.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3286 (GCVE-0-2005-3286)
Vulnerability from cvelistv5 – Published: 2005-10-23 04:00 – Updated: 2024-08-07 23:10
VLAI?
Summary
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:07.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the \"PEB lockout vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "78",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the \"PEB lockout vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/78"
},
{
"name": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt",
"refsource": "MISC",
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19961"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3286",
"datePublished": "2005-10-23T04:00:00",
"dateReserved": "2005-10-23T00:00:00",
"dateUpdated": "2024-08-07T23:10:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2329 (GCVE-0-2004-2329)
Vulnerability from cvelistv5 – Published: 2005-08-16 04:00 – Updated: 2024-08-08 01:22
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10746/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10746/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"name": "http://www.tuneld.com/news/?id=30",
"refsource": "MISC",
"url": "http://www.tuneld.com/news/?id=30"
},
{
"name": "http://www.tuneld.com/_images/other/kpf_system_privileges.png",
"refsource": "MISC",
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10746/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2329",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-08T01:22:13.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1063 (GCVE-0-2005-1063)
Vulnerability from cvelistv5 – Published: 2005-04-29 04:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:59.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to \"compute unexpected conditions\" and \"perform cryptographic operations.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to \"compute unexpected conditions\" and \"perform cryptographic operations.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.tic.udc.es/scg/advisories/20050429-2.txt",
"refsource": "MISC",
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1063",
"datePublished": "2005-04-29T04:00:00",
"dateReserved": "2005-04-12T00:00:00",
"dateUpdated": "2024-08-07T21:35:59.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1062 (GCVE-0-2005-1062)
Vulnerability from cvelistv5 – Published: 2005-04-29 04:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:59.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.tic.udc.es/scg/advisories/20050429-1.txt",
"refsource": "MISC",
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1062",
"datePublished": "2005-04-29T04:00:00",
"dateReserved": "2005-04-12T00:00:00",
"dateUpdated": "2024-08-07T21:35:59.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0964 (GCVE-0-2005-0964)
Vulnerability from cvelistv5 – Published: 2005-04-03 05:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "12946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14717"
},
{
"name": "http://www.kerio.com/security_advisory.html#0503",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0964",
"datePublished": "2005-04-03T05:00:00",
"dateReserved": "2005-04-03T00:00:00",
"dateUpdated": "2024-08-07T21:35:58.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1658 (GCVE-0-2004-1658)
Vulnerability from cvelistv5 – Published: 2005-02-20 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:36.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel\u0027s SDT ServiceTable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel\u0027s SDT ServiceTable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.security.org.sg/vuln/kerio4016.html",
"refsource": "MISC",
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1658",
"datePublished": "2005-02-20T05:00:00",
"dateReserved": "2005-02-21T00:00:00",
"dateUpdated": "2024-08-08T01:00:36.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1109 (GCVE-0-2004-1109)
Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kerio-pf-packet-dos(17992)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kerio-pf-packet-dos(17992)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kerio-pf-packet-dos(17992)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1109",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1491 (GCVE-0-2003-1491)
Vulnerability from nvd – Published: 2007-10-24 23:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7436",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7436",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7436"
},
{
"name": "20030422 UDP bypassing in Kerio Firewall 2.1.4",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html"
},
{
"name": "kerio-pf-firewall-bypass(11880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11880"
},
{
"name": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5FP0N1P9PI.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1491",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5153 (GCVE-0-2006-5153)
Vulnerability from nvd – Published: 2006-10-03 23:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1685"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1685"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"name": "1685",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1685"
},
{
"name": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "22234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22234"
},
{
"name": "20299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5153",
"datePublished": "2006-10-03T23:00:00",
"dateReserved": "2006-10-03T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3787 (GCVE-0-2006-3787)
Vulnerability from nvd – Published: 2006-07-21 21:00 – Updated: 2024-08-07 18:39
VLAI?
Summary
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:54.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2828",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18996"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2828",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18996"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2828",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"name": "18996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18996"
},
{
"name": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"name": "20060715 Kerio Terminating \u0027kpf4ss.exe\u0027 using internal runtime error Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"name": "1260",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1260"
},
{
"name": "21060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3787",
"datePublished": "2006-07-21T21:00:00",
"dateReserved": "2006-07-21T00:00:00",
"dateUpdated": "2024-08-07T18:39:54.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2161 (GCVE-0-2002-2161)
Vulnerability from nvd – Published: 2005-11-16 21:17 – Updated: 2024-09-17 00:30
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9963.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9963.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5570"
},
{
"name": "20020826 Kerio Personal Firewall DOS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/289119"
},
{
"name": "kerio-pf-synflood-dos(9963)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9963.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2161",
"datePublished": "2005-11-16T21:17:00Z",
"dateReserved": "2005-11-16T00:00:00Z",
"dateUpdated": "2024-09-17T00:30:47.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3286 (GCVE-0-2005-3286)
Vulnerability from nvd – Published: 2005-10-23 04:00 – Updated: 2024-08-07 23:10
VLAI?
Summary
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:07.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the \"PEB lockout vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "78",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the \"PEB lockout vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/78"
},
{
"name": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt",
"refsource": "MISC",
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"name": "15094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15094"
},
{
"name": "19961",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19961"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "17155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17155"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"name": "20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3286",
"datePublished": "2005-10-23T04:00:00",
"dateReserved": "2005-10-23T00:00:00",
"dateUpdated": "2024-08-07T23:10:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2329 (GCVE-0-2004-2329)
Vulnerability from nvd – Published: 2005-08-16 04:00 – Updated: 2024-08-08 01:22
VLAI?
Summary
Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10746/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10746/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9525"
},
{
"name": "kerio-pf-gain-privileges(14981)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"name": "http://www.tuneld.com/news/?id=30",
"refsource": "MISC",
"url": "http://www.tuneld.com/news/?id=30"
},
{
"name": "http://www.tuneld.com/_images/other/kpf_system_privileges.png",
"refsource": "MISC",
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10746/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2329",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-08T01:22:13.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1063 (GCVE-0-2005-1063)
Vulnerability from nvd – Published: 2005-04-29 04:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:59.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to \"compute unexpected conditions\" and \"perform cryptographic operations.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to \"compute unexpected conditions\" and \"perform cryptographic operations.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.tic.udc.es/scg/advisories/20050429-2.txt",
"refsource": "MISC",
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"name": "20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1063",
"datePublished": "2005-04-29T04:00:00",
"dateReserved": "2005-04-12T00:00:00",
"dateUpdated": "2024-08-07T21:35:59.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1062 (GCVE-0-2005-1062)
Vulnerability from nvd – Published: 2005-04-29 04:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:59.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.tic.udc.es/scg/advisories/20050429-1.txt",
"refsource": "MISC",
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1062",
"datePublished": "2005-04-29T04:00:00",
"dateReserved": "2005-04-12T00:00:00",
"dateUpdated": "2024-08-07T21:35:59.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0964 (GCVE-0-2005-0964)
Vulnerability from nvd – Published: 2005-04-03 05:00 – Updated: 2024-08-07 21:35
VLAI?
Summary
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "12946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12946"
},
{
"name": "14717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14717"
},
{
"name": "http://www.kerio.com/security_advisory.html#0503",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"name": "kerio-firewall-rule-security-bypass(19893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"name": "1013607",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0964",
"datePublished": "2005-04-03T05:00:00",
"dateReserved": "2005-04-03T00:00:00",
"dateUpdated": "2024-08-07T21:35:58.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1658 (GCVE-0-2004-1658)
Vulnerability from nvd – Published: 2005-02-20 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:36.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel\u0027s SDT ServiceTable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel\u0027s SDT ServiceTable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.security.org.sg/vuln/kerio4016.html",
"refsource": "MISC",
"url": "http://www.security.org.sg/vuln/kerio4016.html"
},
{
"name": "kerio-pf-protection-dos(17270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"
},
{
"name": "11096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11096"
},
{
"name": "12468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12468/"
},
{
"name": "20040902 Kerio Personal Firewall\u0027s Application Launch Protection Can Be Disabled by Direct Service Table Restoration",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109420310631039\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1658",
"datePublished": "2005-02-20T05:00:00",
"dateReserved": "2005-02-21T00:00:00",
"dateUpdated": "2024-08-08T01:00:36.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1109 (GCVE-0-2004-1109)
Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kerio-pf-packet-dos(17992)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kerio-pf-packet-dos(17992)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kerio-pf-packet-dos(17992)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"name": "http://www.kerio.com/security_advisory.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/security_advisory.html"
},
{
"name": "11639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11639"
},
{
"name": "AD20041109",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1109",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2006-5153
Vulnerability from fkie_nvd - Published: 2006-10-05 04:04 - Updated: 2025-04-09 00:30
Severity ?
Summary
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | 4.0.6 | |
| kerio | personal_firewall | 4.0.7 | |
| kerio | personal_firewall | 4.0.8 | |
| kerio | personal_firewall | 4.0.9 | |
| kerio | personal_firewall | 4.0.10 | |
| kerio | personal_firewall | 4.0.11 | |
| kerio | personal_firewall | 4.0.12 | |
| kerio | personal_firewall | 4.0.13 | |
| kerio | personal_firewall | 4.0.14 | |
| kerio | personal_firewall | 4.0.15 | |
| kerio | personal_firewall | 4.0.16 | |
| kerio | personal_firewall | 4.1 | |
| kerio | personal_firewall | 4.1.0 | |
| kerio | personal_firewall | 4.1.1 | |
| kerio | personal_firewall | 4.1.2 | |
| kerio | personal_firewall | 4.2 | |
| kerio | personal_firewall | 4.3.246 | |
| kerio | personal_firewall | 4.3.268 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66920-4A4F-4335-B052-44E1F92F585B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "32087795-35B4-427A-BDAE-F0A217230C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4C04B63F-3715-46F1-917E-5185691BD619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1A9450-D6E7-4D0A-A9BF-E64284D1E1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "041B4428-ADC5-4BD2-9F6E-0BE2362FD9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8E19F4EE-1567-4CD8-895C-474CE80241AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9D00A-6598-4BC0-B058-7598657274D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81E1EDB-A491-4BE6-B6DE-1C4A695EE1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C076C7D-D833-42CF-9FEF-F3654013AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEB6DB5-851E-4EDF-AC1C-CBA502C6D5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6682610C-1564-48E3-A364-76B6F5369F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.3.246:*:*:*:*:*:*:*",
"matchCriteriaId": "651BA95B-3298-459C-9141-B8D3E8532FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.3.268:*:*:*:*:*:*:*",
"matchCriteriaId": "26B05B51-14DB-4ADF-8AA1-8D4E5C2956DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
},
{
"lang": "es",
"value": "Los drivers (1) fwdrv.sys y (2) khips.sys en Sunbelt Kerio Personal Firewall 4.3.268 y anteriores no validan los argumentos pasados a trav\u00e9s de funciones SSDT, incluyendo NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, y NtSetInformationFile, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente otros impactos mediante vectores no especificados."
}
],
"id": "CVE-2006-5153",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-05T04:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22234"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1685"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016967"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3872"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-3787
Vulnerability from fkie_nvd - Published: 2006-07-24 12:19 - Updated: 2025-04-03 01:03
Severity ?
Summary
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C62DCE1-7D68-4467-8DD5-D90D258A70D7",
"versionEndIncluding": "4.3.246",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread."
},
{
"lang": "es",
"value": "kpf4ss.exe en Sunbelt Kerio Personal Firewall 4.3.x anterior a 4.3.268 no se engancha adecuadamente a la funci\u00f3n CreateRemoteThread de la API, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) y evitar mecanismos de protecci\u00f3n llamando a CreateRemoteThread."
}
],
"id": "CVE-2006-3787",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-24T12:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21060"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1260"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18996"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2828"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3286
Vulnerability from fkie_nvd - Published: 2005-10-23 10:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | 4.2 | |
| kerio | serverfirewall | 1.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6682610C-1564-48E3-A364-76B6F5369F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:serverfirewall:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8E562F-0F18-4D4A-87D4-C8CE55C085ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the \"PEB lockout vulnerability.\""
}
],
"id": "CVE-2005-3286",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-10-23T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17155"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/78"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19961"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2005/Oct/166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15094"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-1062
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA7CEE3-7D36-4F9D-8AC6-3F4C55D360CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "937A6092-48C9-4721-B069-0B46D3520E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F38A0AAC-ACA8-44D3-B36A-741D01BE166F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08AE0CAA-B5A4-4E3A-B997-A2858E88CCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AC0D46-2096-4006-8FED-A67AFCE2ED98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F931B5E-6F02-48F6-8DAB-C0D796DFC2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B391EF70-D407-4087-96CF-B925CA2799B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23D64B85-51A2-47BC-94A2-8C9980CC573D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AB197E-4F2E-4976-B6F7-17EB8A8BFBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "32087795-35B4-427A-BDAE-F0A217230C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4C04B63F-3715-46F1-917E-5185691BD619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1A9450-D6E7-4D0A-A9BF-E64284D1E1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "041B4428-ADC5-4BD2-9F6E-0BE2362FD9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8E19F4EE-1567-4CD8-895C-474CE80241AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81E1EDB-A491-4BE6-B6DE-1C4A695EE1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C076C7D-D833-42CF-9FEF-F3654013AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEB6DB5-851E-4EDF-AC1C-CBA502C6D5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE72890F-2421-4A6B-A8F1-4325F824A93F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE079B94-A8C6-41E7-98B1-29A4DE4F66EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94AC89E5-8B9C-4C6B-8976-6A4A6F922858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B99A154-D3C6-4B1C-BEC9-7D1AEAFCAC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADAAD5F-3286-464E-A309-9454EE9A663F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1437DE-E19A-4C2C-9077-DB1FF48772C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0089BE-856D-4998-BBFE-1F626A43377E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE81F49-05CE-4987-90C0-B6D077B65DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "650E19BC-6545-45E9-BE2B-0900323C80C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "173804A3-04EE-484B-A0CF-8DFFE060EFA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF1105-8B53-4EC7-B52A-9344BDC524CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods."
}
],
"id": "CVE-2005-1062",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/397221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/397221"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0964
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | 4.0.6 | |
| kerio | personal_firewall | 4.0.7 | |
| kerio | personal_firewall | 4.0.8 | |
| kerio | personal_firewall | 4.0.9 | |
| kerio | personal_firewall | 4.0.10 | |
| kerio | personal_firewall | 4.0.16 | |
| kerio | personal_firewall | 4.1 | |
| kerio | personal_firewall | 4.1.1 | |
| kerio | personal_firewall | 4.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66920-4A4F-4335-B052-44E1F92F585B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9D00A-6598-4BC0-B058-7598657274D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C076C7D-D833-42CF-9FEF-F3654013AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEB6DB5-851E-4EDF-AC1C-CBA502C6D5A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions."
}
],
"id": "CVE-2005-0964",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14717"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013607"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-1063
Vulnerability from fkie_nvd - Published: 2005-04-29 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | kerio_mailserver | 6.0 | |
| kerio | kerio_mailserver | 6.0.1 | |
| kerio | kerio_mailserver | 6.0.2 | |
| kerio | kerio_mailserver | 6.0.3 | |
| kerio | kerio_mailserver | 6.0.4 | |
| kerio | kerio_mailserver | 6.0.5 | |
| kerio | personal_firewall | 4.0.6 | |
| kerio | personal_firewall | 4.0.7 | |
| kerio | personal_firewall | 4.0.8 | |
| kerio | personal_firewall | 4.0.9 | |
| kerio | personal_firewall | 4.0.10 | |
| kerio | personal_firewall | 4.0.16 | |
| kerio | personal_firewall | 4.1 | |
| kerio | personal_firewall | 4.1.1 | |
| kerio | personal_firewall | 4.1.2 | |
| kerio | winroute_firewall | 6.0 | |
| kerio | winroute_firewall | 6.0.1 | |
| kerio | winroute_firewall | 6.0.2 | |
| kerio | winroute_firewall | 6.0.3 | |
| kerio | winroute_firewall | 6.0.4 | |
| kerio | winroute_firewall | 6.0.5 | |
| kerio | winroute_firewall | 6.0.6 | |
| kerio | winroute_firewall | 6.0.7 | |
| kerio | winroute_firewall | 6.0.8 | |
| kerio | winroute_firewall | 6.0.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC515E75-119E-4CB9-985E-00E6A9349178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "937A6092-48C9-4721-B069-0B46D3520E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F38A0AAC-ACA8-44D3-B36A-741D01BE166F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08AE0CAA-B5A4-4E3A-B997-A2858E88CCC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AC0D46-2096-4006-8FED-A67AFCE2ED98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F931B5E-6F02-48F6-8DAB-C0D796DFC2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66920-4A4F-4335-B052-44E1F92F585B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9D00A-6598-4BC0-B058-7598657274D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C076C7D-D833-42CF-9FEF-F3654013AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEB6DB5-851E-4EDF-AC1C-CBA502C6D5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563E83E1-74C0-4312-A5C5-0223ADE55F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE079B94-A8C6-41E7-98B1-29A4DE4F66EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94AC89E5-8B9C-4C6B-8976-6A4A6F922858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B99A154-D3C6-4B1C-BEC9-7D1AEAFCAC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADAAD5F-3286-464E-A309-9454EE9A663F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1437DE-E19A-4C2C-9077-DB1FF48772C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0089BE-856D-4998-BBFE-1F626A43377E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE81F49-05CE-4987-90C0-B6D077B65DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "650E19BC-6545-45E9-BE2B-0900323C80C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "173804A3-04EE-484B-A0CF-8DFFE060EFA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to \"compute unexpected conditions\" and \"perform cryptographic operations.\""
}
],
"id": "CVE-2005-1063",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/397220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.tic.udc.es/scg/advisories/20050429-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/397220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1109
Vulnerability from fkie_nvd - Published: 2005-01-10 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | 4.0.6 | |
| kerio | personal_firewall | 4.0.7 | |
| kerio | personal_firewall | 4.0.8 | |
| kerio | personal_firewall | 4.0.9 | |
| kerio | personal_firewall | 4.0.10 | |
| kerio | personal_firewall | 4.0.16 | |
| kerio | personal_firewall | 4.1 | |
| kerio | personal_firewall | 4.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66920-4A4F-4335-B052-44E1F92F585B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9D00A-6598-4BC0-B058-7598657274D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C076C7D-D833-42CF-9FEF-F3654013AB05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field."
}
],
"id": "CVE-2004-1109",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eeye.com/html/research/advisories/AD20041109.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kerio.com/security_advisory.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17992"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-2329
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kerio | personal_firewall | 2.1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerio:personal_firewall:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE7ABB0-44E8-40DA-A94C-2F9530497D78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
],
"id": "CVE-2004-2329",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10746/"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3748"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9525"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10746/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.tuneld.com/news/?id=30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}