FKIE_CVE-2004-1023

Vulnerability from fkie_nvd - Published: 2005-01-10 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folder, and modify XML files related to configuration.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=110305387813002&w=2
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18471
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110305387813002&w=2
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18471
Impacted products
Vendor Product Version
kerio kerio_mailserver 6.0.0
kerio kerio_mailserver 6.0.1
kerio kerio_mailserver 6.0.2
kerio kerio_mailserver 6.0.3
kerio kerio_mailserver 6.0.4
kerio serverfirewall 1.0.0
kerio winroute_firewall 6.0.0
kerio winroute_firewall 6.0.1
kerio winroute_firewall 6.0.2
kerio winroute_firewall 6.0.3
kerio winroute_firewall 6.0.4
kerio winroute_firewall 6.0.5
kerio winroute_firewall 6.0.6
kerio winroute_firewall 6.0.7
kerio winroute_firewall 6.0.8
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FA7CEE3-7D36-4F9D-8AC6-3F4C55D360CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "937A6092-48C9-4721-B069-0B46D3520E36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38A0AAC-ACA8-44D3-B36A-741D01BE166F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08AE0CAA-B5A4-4E3A-B997-A2858E88CCC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9AC0D46-2096-4006-8FED-A67AFCE2ED98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:serverfirewall:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38642D5D-7875-4D1D-9F99-3E101FC00964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE72890F-2421-4A6B-A8F1-4325F824A93F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE079B94-A8C6-41E7-98B1-29A4DE4F66EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AC89E5-8B9C-4C6B-8976-6A4A6F922858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B99A154-D3C6-4B1C-BEC9-7D1AEAFCAC41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADAAD5F-3286-464E-A309-9454EE9A663F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1437DE-E19A-4C2C-9077-DB1FF48772C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D0089BE-856D-4998-BBFE-1F626A43377E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CE81F49-05CE-4987-90C0-B6D077B65DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kerio:winroute_firewall:6.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "650E19BC-6545-45E9-BE2B-0900323C80C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folder, and modify XML files related to configuration."
    },
    {
      "lang": "es",
      "value": "Kerio Winroute Firewall anteriores a 6.0.9, Server Firewall anteriores a 1.0.1, y MailServer anteriores a 6.0.5, cuando se instala en sistemas basados en Windows, no modifica las listas de control de acceso (ACL) de ficheros cr\u00edticos, lo que permite a usuarios locales con privilegios de \"Usuarios Avanzados\" modificar programas, instalar DLLs maliciosas en la carpeta de plug-ins y modificar ficheros XML relacionados con la configuraci\u00f3n."
    }
  ],
  "id": "CVE-2004-1023",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-10T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110305387813002\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110305387813002\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18471"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.