Description: The bug allows an attacker to send a malicious packet that causes 100% CPU utilization and a total freeze of the system. A hard restart is necessary to recover from the frozen state (in most cases this means physical access to the affected computer).
Systems Affected: Kerio Personal Firewall 4.1.1 and prior
Overview: eEye Digital Security has discovered a severe denial of service vulnerability in the Kerio Personal Firewall product for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with a single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low-level processing of TCP, UDP, and ICMP packets.