SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information

Report a Vulnerability

 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#454716

Kerio Personal Firewall vulnerable to buffer overflow

Overview

Kerio Personal Firewall contains a buffer overflow that may allow a remote attacker to execute arbitrary code. An exploit for this vulnerability is publicly available.

I. Description

Kerio Technologies Inc. describes the Kerio Personal Firewall as follows:

    Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network.

Core Security Technologies discovered a buffer overflow vulnerability in the Kerio Personal Firewall. The vulnerability exists in a portion of code responsible for setting up encrypted administrator sessions for remote administration of the firewall. Note that the buffer overflow occurs prior to any authentication taking place. For further technical details, please see the Core Security Technologies advisory.

II. Impact

A remote attacker may be able to execute arbitrary code with the privileges of the Kerio Personal Firewall.

III. Solution

Kerio Technologies Inc. has released Kerio Personal Firewall version 2.1.5 to address this vulnerability. Until you can upgrade, you may wish to disable the remote administration feature.

Systems Affected

VendorStatusDate NotifiedDate Updated
Kerio Technologies Inc.Vulnerable12-May-2003

References

http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10
http://www.securityfocus.com/data/vulnerabilities/exploits/kerio-overflow.py
http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
http://marc.theaimsgroup.com/?l=bugtraq&m=105155734411836&w=2
http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
http://www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip
http://www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe
http://www.kerio.com/kpf_download.html
http://online.securityfocus.com/bid/7180

Credit

This vulnerability was discovered by Emiliano Kargieman, Hernán Gips, and Javier Burroni of Core Security Technologies.

This document was written by Ian A Finlay.

Other Information

Date Public:2003-04-28
Date First Published:2003-05-12
Date Last Updated:2003-05-13
CERT Advisory: 
CVE-ID(s):CAN-2003-0220
NVD-ID(s):CAN-2003-0220
US-CERT Technical Alerts: 
Severity Metric:14.06
Document Revision:15

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2003 Carnegie Mellon University
Disclaimers and copyright information
Get a PDF Reader