header-logo
Suggest Exploit
vendor:
Kerio Personal Firewall
by:
Unknown
5
CVSS
MEDIUM
Denial of Service
20
CWE
Product Name: Kerio Personal Firewall
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE:
CPE: a:kerio_technologies:kerio_personal_firewall
Metasploit:
Other Scripts:
Platforms Tested: Windows
Unknown

Denial of Service in Kerio Personal Firewall

Kerio Personal Firewall is vulnerable to a denial of service attack when the Web Filtering functionality is enabled. The vulnerability occurs when certain characters are present in a URI that is being handled by the Web Filtering procedures.

Mitigation:

Disable the Web Filtering functionality in Kerio Personal Firewall or apply the vendor-provided patch.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10075/info

Kerio Personal Firewall includes Web URI Filtering functionality. A denial of service vulnerability has been reported to affect Kerio Personal Firewall when Web Filtering functionality is enabled. The issue presents itself when Web Filtering procedures handle a URI that contains certain characters.

http://www.example.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=^S^R^S

Navigation

Suggest Exploit

Services By CQR