{"vuid":"VU#454716","idnumber":"454716","name":"Kerio Personal Firewall vulnerable to buffer overflow","keywords":["Kerio Personal Firewall","buffer overflow","encrypted session","0x40","4 byte packet","4th packet"],"overview":"Kerio Personal Firewall contains a buffer overflow that may allow a remote attacker to execute arbitrary code. An exploit for this vulnerability is publicly available.","clean_desc":"Kerio Technologies Inc. describes the Kerio Personal Firewall as follows: Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network. Core Security Technologies discovered a buffer overflow vulnerability in the Kerio Personal Firewall. The vulnerability exists in a portion of code responsible for setting up encrypted administrator sessions for remote administration of the firewall. Note that the buffer overflow occurs prior to any authentication taking place. For further technical details, please see the Core Security Technologies advisory.","impact":"A remote attacker may be able to execute arbitrary code with the privileges of the Kerio Personal Firewall.","resolution":"Kerio Technologies Inc. has released Kerio Personal Firewall version 2.1.5 to address this vulnerability. Until you can upgrade, you may wish to disable the remote administration feature.","workarounds":"","sysaffected":"","thanks":"This vulnerability was discovered by Emiliano Kargieman, HernĂ¡n Gips, and Javier Burroni of \nCore Security Technologies","author":"This document was written by Ian A Finlay.","public":["http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10","http://www.securityfocus.com/data/vulnerabilities/exploits/kerio-overflow.py","http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c","http://marc.theaimsgroup.com/?l=bugtraq&m=105155734411836&w=2","http://www.securityfocus.com/data/vulnerabilities/exploits/PFExploit.c","http://www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip","http://www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe","http://www.kerio.com/kpf_download.html","http://online.securityfocus.com/bid/7180"],"cveids":["CVE-2003-0220"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-04-28T20:24:02Z","publicdate":"2003-04-28T00:00:00Z","datefirstpublished":"2003-05-12T18:23:55Z","dateupdated":"2003-05-13T16:59:22Z","revision":16,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"5","cam_impact":"20","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"14.0625","cam_scorecurrentwidelyknown":"14.0625","cam_scorecurrentwidelyknownexploited":"25.3125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":14.0625,"vulnote":null}