MISC: Kerio Personal Firewall Authentication Overflow
This signature detects attempts to exploit a known vulnerability in Kerio Personal Firewall. Kerio Personal Firewall 2.1.4 and earlier are vulnerable. Attackers can use an invalid authentication, attempting to exploit this vulnerability and execute arbitrary code on the target host.
Extended Description
A buffer-overflow vulnerability has been discovered in Kerio Personal Firewall. The problem occurs during the administration authentication process. An attacker could exploit this vulnerability by forging a malicious packet containing an excessive data size. The application then reads this data into a static memory buffer without first performing sufficient bounds checking. Successful exploits of this vulnerability may allow an attacker to execute arbitrary commands on a target system, with the privileges of the firewall. Note that this vulnerability affects Kerio Personal Firewall 2.1.4 and earlier.
Affected Products
Kerio personal_firewall_2
Short Name
MISC:KERIO-AUTH-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
MISC
Keywords
Authentication CVE-2003-0220 Firewall Kerio Overflow Personal bid:7180
Release Date
03/02/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/44334
False Positive
Occasionally
Vendors
Kerio
CVSS Score
7.5