VAR-200607-0364

Vulnerability from variot - Updated: 2023-12-18 13:30

kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread. Sunbelt Kerio Personal Firewall is prone to a denial-of-service vulnerability. This issue can occur when a program calls the 'CreateRemoteThread' Windows API function. Exploitation of this vulnerability could cause the firewall application to crash. With the firewall no longer running, the computer could be exposed to further attacks. The individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200607-0364",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "personal firewall",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "kerio",
        "version": "4.3.246"
      },
      {
        "model": "personal firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "kerio",
        "version": "4.3.268"
      },
      {
        "model": "personal firewall",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "kerio",
        "version": "4.3.x"
      },
      {
        "model": "personal firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "kerio",
        "version": "4.3.246"
      },
      {
        "model": "software kerio personal firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sunbelt",
        "version": "4.3.426"
      },
      {
        "model": "software kerio personal firewall",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "sunbelt",
        "version": "4.2.3912"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:kerio:personal_firewall:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.246",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to David Matousek.",
    "sources": [
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2006-3787",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 2.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2006-3787",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-19895",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-3787",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200607-390",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-19895",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2006-3787",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread. Sunbelt Kerio Personal Firewall is prone to a denial-of-service vulnerability. This issue can occur when a program calls the \u0027CreateRemoteThread\u0027 Windows API call. \nExploitation of this vulnerability could cause the firewall application to crash. This could expose the computer to further attacks. \nThe individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-19895",
        "trust": 0.1,
        "type": "unknown"
      },
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=28228",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-3787",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "18996",
        "trust": 2.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2828",
        "trust": 1.8
      },
      {
        "db": "SREASON",
        "id": "1260",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "21060",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20060715 KERIO TERMINATING \u0027KPF4SS.EXE\u0027 USING INTERNAL RUNTIME ERROR VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "28228",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-81805",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-19895",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "id": "VAR-200607-0364",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:30:48.105000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Personal Firewall",
        "trust": 0.8,
        "url": "http://www.vipreantivirus.com/vipre-internet-security/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.matousec.com/info/advisories/kerio-terminating-kpf4ss-exe-using-internal-runtime-error.php"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/18996"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/21060"
      },
      {
        "trust": 1.8,
        "url": "http://securityreason.com/securityalert/1260"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/440112/100/100/threaded"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2006/2828"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3787"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3787"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/440112/100/100/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/2828"
      },
      {
        "trust": 0.3,
        "url": "http://www.sunbelt-software.com/kerio.cfm"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/440112"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/28228/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "date": "2006-07-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "date": "2006-07-15T00:00:00",
        "db": "BID",
        "id": "18996"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "date": "2006-07-24T12:19:00",
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "date": "2006-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19895"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2006-3787"
      },
      {
        "date": "2006-07-28T22:27:00",
        "db": "BID",
        "id": "18996"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      },
      {
        "date": "2018-10-17T21:30:07.437000",
        "db": "NVD",
        "id": "CVE-2006-3787"
      },
      {
        "date": "2006-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "18996"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sunbelt Kerio Personal Firewall of  kpf4ss.exe Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002875"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-390"
      }
    ],
    "trust": 0.6
  }
}

