Skip navigation
Menu
Security

Denial of Service in Kerio Personal Firewall 4.1.1

Reported November 9, 2004, by eEye Digital Security

VERSIONS AFFECTED

  • Kerio Personal Firewall 4.1.1 and earlier

DESCRIPTION
A Denial of Service (DoS) vulnerability has been discovered in Kerio Personal Firewall 4.1.1 and earlier. The vulnerability lets a remote attacker reliably render a system inoperative with one packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the fwdrv.sys component, which performs low-level processing of TCP, UDP, and Internet Control Message Protocol (ICMP) packets.

VENDOR RESPONSE
Kerio Technologies has released a security advisory regarding this vulnerability and recommends that affected users immediately upgrade to version 4.12

CREDIT
Discovered by eEye Digital Security.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
100 dollar bill in a digitalized format
How to Deal With Cybersecurity Budget Cuts
Sep 05, 2023
SaaS button amid locks
Snow Software Survey Identifies SaaS Management Struggles
Aug 25, 2023
cybersecurity lock
Candy Alexander on Advancing Cybersecurity, Business Resilience, and Cloud Navigation
Aug 22, 2023
silhouette in a dark room with cybersecurity incident
Microsoft’s Role in Email Breach to Be Part of Cyber Inquiry
Aug 11, 2023