1. Home
  2. Networking Firewalls
  3. Another Kerio vulnerability

Another Kerio vulnerability

Description: The bug allows an attacker to send a malicious packet causing 100% CPU utilization and total freeze of the system. Hard restart is necessary to recover from the freeze state (in most cases it means physical access to the affected computer).

Systems Affected: Kerio Personal Firewall 4.1.1 and prior

Overview: eEye Digital Security has discovered a severe denial of service vulnerability in the Kerio Personal Firewall product for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP, UDP, and ICMP packets.

Reply to
Angus Rodgers
Loading thread data ...

|Description: The bug allows an attacker to send a malicious |packet causing 100% CPU utilization and total freeze of the |system. Hard restart is necessary to recover from the freeze |state (in most cases it means physical access to the affected |computer). | | |Systems Affected: |Kerio Personal Firewall 4.1.1 and prior | |Overview: |eEye Digital Security has discovered a severe denial of service |vulnerability in the Kerio Personal Firewall product for Windows. |The vulnerability allows a remote attacker to reliably render a |system inoperative with one single packet. Physical access is |required in order to bring an affected system out of this "frozen" |state. This specific flaw exists within the component that |performs low level processing of TCP, UDP, and ICMP packets. |

Would having a router in place (in addition to Kerio) eliminate that vulnerability or would the packet in question still be an issue?

Reply to
Mock Turtle

Taking a moment's reflection, Mock Turtle mused: | | Would having a router in place (in addition to Kerio) eliminate that | vulnerability or would the packet in question still be an issue?

A router would block the packet (assuming no DMZ) before it reached Kerio ... unless the packet is sent in response to traffic initiated by the computer running Kerio.

Reply to
mhicaoidh

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.