12 results (0.019 seconds)

CVSS: 2.1EPSS: 0%CPEs: 46EXPL: 0

The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. El servidor proxy en Kerio WinRoute Firewall anterior a 6.4.1 no hace cumplir la autenticación para páginas HTTPS, lo cual tiene impacto y vectores de ataque desconocidos. NOTA: no está claro si este asunto atraviesa fronteras de privilegios. • http://osvdb.org/42122 http://secunia.com/advisories/28072 http://www.kerio.com/kwf_history.html http://www.securityfocus.com/bid/26851 http://www.securitytracker.com/id?1019095 http://www.vupen.com/english/advisories/2007/4212 https://exchange.xforce.ibmcloud.com/vulnerabilities/39020 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 2%CPEs: 42EXPL: 0

Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses. Kerio WinRoute Firewall 6.2.2 y anteriores permite a un atacante remoto provocar denegación de servicio (caida) a través de respuestas DNS mal formadas. • http://secunia.com/advisories/22986 http://securitytracker.com/id?1017067 http://www.kerio.com/kwf_history.html http://www.securityfocus.com/bid/20584 http://www.vupen.com/english/advisories/2006/4056 https://exchange.xforce.ibmcloud.com/vulnerabilities/29629 •

CVSS: 5.0EPSS: 8%CPEs: 42EXPL: 0

Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3. • http://secunia.com/advisories/19947 http://securitytracker.com/id?1016032 http://www.kerio.com/kwf_history.html http://www.osvdb.org/25273 http://www.osvdb.org/25300 http://www.securityfocus.com/archive/1/433585/100/0/threaded http://www.securityfocus.com/bid/17859 http://www.vupen.com/english/advisories/2006/1677 https://exchange.xforce.ibmcloud.com/vulnerabilities/26263 •

CVSS: 5.0EPSS: 4%CPEs: 39EXPL: 0

Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote attackers to cause a denial of service via multiple unspecified vectors involving (1) long strings received from Active Directory and (2) the filtering of HTML. • http://secunia.com/advisories/18542 http://www.kerio.com/kwf_history.html http://www.osvdb.org/22631 http://www.securityfocus.com/bid/16314 http://www.vupen.com/english/advisories/2006/0247 https://exchange.xforce.ibmcloud.com/vulnerabilities/24232 https://exchange.xforce.ibmcloud.com/vulnerabilities/24233 •

CVSS: 5.0EPSS: 0%CPEs: 40EXPL: 0

Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web". • http://secunia.com/advisories/18589 http://www.kerio.com/kwf_history.html http://www.osvdb.org/22631 http://www.securityfocus.com/bid/16385 http://www.vupen.com/english/advisories/2006/0324 https://exchange.xforce.ibmcloud.com/vulnerabilities/24317 •