CERTVU:454716Kerio Personal Firewall vulnerable to buffer overflow
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.526 Medium
EPSS
Percentile
97.6%
Overview
Kerio Personal Firewall contains a buffer overflow that may allow a remote attacker to execute arbitrary code. An exploit for this vulnerability is publicly available.
Description
Kerio Technologies Inc. describes the Kerio Personal Firewall as follows:
Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network.
Core Security Technologies discovered a buffer overflow vulnerability in the Kerio Personal Firewall. The vulnerability exists in a portion of code responsible for setting up encrypted administrator sessions for remote administration of the firewall. Note that the buffer overflow occurs prior to any authentication taking place. For further technical details, please see the Core Security Technologies advisory.
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the Kerio Personal Firewall.
Solution
Kerio Technologies Inc. has released Kerio Personal Firewall version 2.1.5 to address this vulnerability. Until you can upgrade, you may wish to disable the remote administration feature.
Vendor Information
454716
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Kerio Technologies Inc. __ Affected
Updated: May 12, 2003
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see the release history entry for version 2.1.5.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23454716 Feedback>).
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10
- <http://www.securityfocus.com/data/vulnerabilities/exploits/kerio-overflow.py>
- <http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c>
- http://marc.theaimsgroup.com/?l=bugtraq&m=105155734411836&w=2
- <http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c>
- <http://www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip>
- <http://www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe>
- <http://www.kerio.com/kpf_download.html>
- <http://online.securityfocus.com/bid/7180>
Acknowledgements
This vulnerability was discovered by Emiliano Kargieman, HernΓ‘n Gips, and Javier Burroni of Core Security Technologies.
This document was written by Ian A Finlay.
Other Information
| CVE IDs: | CVE-2003-0220 |
|---|---|
| Severity Metric: | 14.06 Date Public: |
References
marc.theaimsgroup.com/?l=bugtraq&m=105155734411836&w=2
online.securityfocus.com/bid/7180
www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10
www.kerio.com/kpf_download.html
www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe
www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip
www.securityfocus.com/data/vulnerabilities/exploits/kerio-overflow.py
www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.526 Medium
EPSS
Percentile
97.6%