VAR-200505-0521
Vulnerability from variot - Updated: 2023-12-18 13:21Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. This issue is due to a design error that causes the application to fail to properly validate the origin of network requests. An attacker may leverage this issue to bypass network access restrictions, potentially leading administrators to a false sense of security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0521",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.1.2"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.1.1"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.1"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.16"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.10"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.9"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.8"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.7"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "kerio",
"version": "4.0.6"
},
{
"model": "personal firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "kerio",
"version": "4.1.3"
}
],
"sources": [
{
"db": "BID",
"id": "12946"
},
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0964"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Petr Matousek of Masaryk University is credited with the discovery of this issue.",
"sources": [
{
"db": "BID",
"id": "12946"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0964",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-12173",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0964",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-386",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-12173",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12173"
},
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. This issue is due to a design error that causes the application to fail to properly validate the origin of network requests. \nAn attacker may leverage this issue to bypass network access restrictions, potentially leading administrators to a false sense of security",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "BID",
"id": "12946"
},
{
"db": "VULHUB",
"id": "VHN-12173"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0964",
"trust": 2.0
},
{
"db": "BID",
"id": "12946",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14717",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1013607",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386",
"trust": 0.7
},
{
"db": "XF",
"id": "19893",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-12173",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12173"
},
{
"db": "BID",
"id": "12946"
},
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"id": "VAR-200505-0521",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12173"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:21:12.418000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0964"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.kerio.com/security_advisory.html#0503"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12946"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013607"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14717"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19893"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/19893"
},
{
"trust": 0.3,
"url": "http://www.sunbelt-software.com/kerio.cfm"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12173"
},
{
"db": "BID",
"id": "12946"
},
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12173"
},
{
"db": "BID",
"id": "12946"
},
{
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-12173"
},
{
"date": "2005-03-30T00:00:00",
"db": "BID",
"id": "12946"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-12173"
},
{
"date": "2009-07-12T11:56:00",
"db": "BID",
"id": "12946"
},
{
"date": "2017-07-11T01:32:28.530000",
"db": "NVD",
"id": "CVE-2005-0964"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "12946"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kerio Personal Firewall Local Network Access Restriction Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "12946"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "12946"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-386"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…