Lucene search

[email protected]CVE-2005-0964

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0964

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0964

kerio personal firewall

vulnerability

bypass

firewall rules

local users

malicious process

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.

Affected configurations

NVD

Node

keriopersonal_firewallMatch4.0.6

keriopersonal_firewallMatch4.0.7

keriopersonal_firewallMatch4.0.8

keriopersonal_firewallMatch4.0.9

keriopersonal_firewallMatch4.0.10

keriopersonal_firewallMatch4.0.16

keriopersonal_firewallMatch4.1

keriopersonal_firewallMatch4.1.1

keriopersonal_firewallMatch4.1.2

CPENameOperatorVersion
kerio:personal_firewallkerio personal firewalleq4.0.6
kerio:personal_firewallkerio personal firewalleq4.0.7
kerio:personal_firewallkerio personal firewalleq4.0.8
kerio:personal_firewallkerio personal firewalleq4.0.9
kerio:personal_firewallkerio personal firewalleq4.0.10
kerio:personal_firewallkerio personal firewalleq4.0.16
kerio:personal_firewallkerio personal firewalleq4.1
kerio:personal_firewallkerio personal firewalleq4.1.1
kerio:personal_firewallkerio personal firewalleq4.1.2

CPE	Name	Operator	Version
kerio:personal_firewall	kerio personal firewall	eq	4.0.6
kerio:personal_firewall	kerio personal firewall	eq	4.0.7
kerio:personal_firewall	kerio personal firewall	eq	4.0.8
kerio:personal_firewall	kerio personal firewall	eq	4.0.9
kerio:personal_firewall	kerio personal firewall	eq	4.0.10
kerio:personal_firewall	kerio personal firewall	eq	4.0.16
kerio:personal_firewall	kerio personal firewall	eq	4.1
kerio:personal_firewall	kerio personal firewall	eq	4.1.1
kerio:personal_firewall	kerio personal firewall	eq	4.1.2

References

secunia.com/advisories/14717

securitytracker.com/id?1013607

www.kerio.com/security_advisory.html#0503

www.securityfocus.com/bid/12946

exchange.xforce.ibmcloud.com/vulnerabilities/19893

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2005-0964

cvelist1 nvd1