Overview
Kerio Personal Firewall contains a buffer overflow that may allow a remote attacker to execute arbitrary code. An exploit for this vulnerability is publicly available.
Description
Kerio Technologies Inc. describes the Kerio Personal Firewall as follows: Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network. |
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the Kerio Personal Firewall. |
Solution
Kerio Technologies Inc. has released Kerio Personal Firewall version 2.1.5 to address this vulnerability. Until you can upgrade, you may wish to disable the remote administration feature. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10
- http://www.securityfocus.com/data/vulnerabilities/exploits/kerio-overflow.py
- http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
- http://marc.theaimsgroup.com/?l=bugtraq&m=105155734411836&w=2
- http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c
- http://www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip
- http://www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe
- http://www.kerio.com/kpf_download.html
- http://online.securityfocus.com/bid/7180
Acknowledgements
This vulnerability was discovered by Emiliano Kargieman, Hernán Gips, and Javier Burroni of Core Security Technologies.
This document was written by Ian A Finlay.
Other Information
| CVE IDs: | CVE-2003-0220 |
| Severity Metric: | 14.06 |
| Date Public: | 2003-04-28 |
| Date First Published: | 2003-05-12 |
| Date Last Updated: | 2003-05-13 16:59 UTC |
| Document Revision: | 16 |