Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0964

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-0964
Last Modified 05 Sep 2008 04:47:48
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0964

Summary

Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.

Vulnerable Systems

Application

  • Kerio Personal Firewall 4.0.10

  • Kerio Personal Firewall 4.0.16

  • Kerio Personal Firewall 4.0.6

  • Kerio Personal Firewall 4.0.7

  • Kerio Personal Firewall 4.0.8

  • Kerio Personal Firewall 4.0.9

  • Kerio Personal Firewall 4.1

  • Kerio Personal Firewall 4.1.1

  • Kerio Personal Firewall 4.1.2


References

XF - kerio-firewall-rule-security-bypass(19893)

BID - 12946

CONFIRM - http://www.kerio.com/security_advisory.html#0503

SECTRACK - 1013607

SECUNIA - 14717


Last Updated: 27 May 2016 10:39:58