CVE-2003-0220

2003-05-1204:00:00

[email protected]

web.nvd.nist.gov

kerio personal firewall

buffer overflow

authentication process

cve-2003-0220

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.526 Medium

EPSS

Percentile

97.6%

JSON

Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.

Affected configurations

NVD

Node

keriopersonal_firewall_2Match2.1

keriopersonal_firewall_2Match2.1.1

keriopersonal_firewall_2Match2.1.2

keriopersonal_firewall_2Match2.1.3

keriopersonal_firewall_2Match2.1.4

CPENameOperatorVersion
kerio:personal_firewall_2kerio personal firewall 2eq2.1
kerio:personal_firewall_2kerio personal firewall 2eq2.1.1
kerio:personal_firewall_2kerio personal firewall 2eq2.1.2
kerio:personal_firewall_2kerio personal firewall 2eq2.1.3
kerio:personal_firewall_2kerio personal firewall 2eq2.1.4

CPE	Name	Operator	Version
kerio:personal_firewall_2	kerio personal firewall 2	eq	2.1
kerio:personal_firewall_2	kerio personal firewall 2	eq	2.1.1
kerio:personal_firewall_2	kerio personal firewall 2	eq	2.1.2
kerio:personal_firewall_2	kerio personal firewall 2	eq	2.1.3
kerio:personal_firewall_2	kerio personal firewall 2	eq	2.1.4