Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability

2006.07.25

Credit: David Matousek

Risk: Low

Local: Yes

Remote: Yes

CVE: CVE-2006-3787

CWE: CWE-Other

CVSS Base Score: 2.1/10

Impact Subscore: 2.9/10

Exploitability Subscore: 3.9/10

Exploit range: Local

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

Hello,

I would like to inform you about a vulnerability in Sunbelt Kerio Personal Firewall found by
Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-usi
ng-internal-runtime-error.php

-- 
David Matousek

Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.