search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

Kerio Personal Firewall vulnerable to replay attack

Vulnerability Note VU#641012

Original Release Date: 2003-05-13 | Last Revised: 2003-05-13

Overview

Kerio Personal Firewall contains a vulnerability that may allow a remote attacker to replay an administration session.

Description

Kerio Technologies Inc. describes the Kerio Personal Firewall as follows:

Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network.
Core Security Technologies discovered a design problem that could allow a remote attacker to replay an administration session. In order to exploit this vulnerability, the attacker would need to be able to sniff the administration session packets. For further technical details, please see the Core Security Technologies advisory.

Impact

A remote attacker may be able to replay an administration session.

Solution

Kerio Technologies Inc. has released Kerio Personal Firewall version 2.1.5 to address this vulnerability. Until you can upgrade, you may wish to disable the remote administration feature.

Vendor Information

641012
 
Expand all

Kerio Technologies Inc. Affected

Updated:  May 13, 2003

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see the release history entry for version 2.1.5.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was discovered by Emiliano Kargieman, Hernán Gips, and Javier Burroni of Core Security Technologies.

This document was written by Ian A Finlay.

Other Information

CVE IDs: CVE-2003-0219
Severity Metric: 3.00
Date Public: 2003-04-28
Date First Published: 2003-05-13
Date Last Updated: 2003-05-13 17:45 UTC
Document Revision: 11

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis