Kerio Personal/Server Firewall Driver Memory Locking Local DoS

2005-10-13T14:36:21
ID OSVDB:19961
Type osvdb
Reporter Piotr Bania(ania.piotr@gmail.com)
Modified 2005-10-13T14:36:21

Description

Vulnerability Description

The Kerio Firewall driver contains a flaw that may allow a local denial of service. The issue is triggered when Kerio is reading the PEB (Process Environment Block) of applications that are trying to connect to the internet. If the application has the PEB region locked, the Kerio Firewall driver will crash resulting in a loss of availability for the program.

Solution Description

Upgrade to Kerio Personal Firewall version 4.2.1 or Kerio ServerFirewall 1.1.2 or higher as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

The Kerio Firewall driver contains a flaw that may allow a local denial of service. The issue is triggered when Kerio is reading the PEB (Process Environment Block) of applications that are trying to connect to the internet. If the application has the PEB region locked, the Kerio Firewall driver will crash resulting in a loss of availability for the program.

References:

Vendor Specific Advisory URL Secunia Advisory ID:17155 Other Advisory URL: http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0160.html Keyword: KSEC-2005-10-07-01 CVE-2005-3286 Bugtraq ID: 15094