|
Kerio Personal Firewall IP Option Denial of Service Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA13030
|
|
|
Release Date:
|
2004-11-10
|
|
Last Update:
|
2004-12-07
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Kerio Personal Firewall 4.x
|
| | CVE reference: | CVE-2004-1109 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
eEye Digital Security has reported a vulnerability in Kerio Personal Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in "FWDRV.SYS" when performing low level processing of TCP, UDP, and ICMP packets. This can be exploited to consume all available CPU resources by sending a specially crafted packet containing an IP option followed by a length field with the value of "0x00".
Successful exploitation causes the system to stop responding and requires the system to be restarted.
The vulnerability affects versions 4.0.0 through 4.1.1.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
Update to version 4.1.2.
http://www.kerio.com/kpf_download.html
Provided and/or discovered by:
Karl Lynn, eEye Digital Security.
Changelog:
2004-12-07: Added CVE reference.
Original Advisory:
Kerio:
http://www.kerio.com/security_advisory.html
eEye Digital Security:
http://www.eeye.com/html/research/advisories/AD20041109.html
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
9 Related Secunia Security Advisories
|
|
|
1. Kerio Personal Firewall Hooked Functions Denial of Service
|
|
2. Kerio Personal Firewall Engine Denial of Service
|
|
3. Kerio Personal/Server Firewall FWDRV Driver Denial of Service
|
|
4. Kerio Products Password Brute Force and Denial of Service
|
|
5. Kerio Personal Firewall Network Rules Security Bypass
|
|
6. Kerio Personal Firewall Program Execution Protection Feature Bypass
|
|
7. Kerio Personal Firewall URL Handling Denial of Service
|
|
8. Kerio Personal Firewall TCP Stealth Scan Detection Vulnerability
|
|
9. Kerio Personal Firewall Filter Bypass Security Issue
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
