CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0CVE-2005-0964
https://notcve.org/view.php?id=CVE-2005-0964
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. • http://secunia.com/advisories/14717 http://securitytracker.com/id?1013607 http://www.kerio.com/security_advisory.html#0503 http://www.securityfocus.com/bid/12946 https://exchange.xforce.ibmcloud.com/vulnerabilities/19893 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2004-2329
https://notcve.org/view.php?id=CVE-2004-2329
Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box. • http://secunia.com/advisories/10746 http://www.osvdb.org/3748 http://www.securityfocus.com/bid/9525 http://www.securitytracker.com/alerts/2004/Jan/1008870.html http://www.tuneld.com/_images/other/kpf_system_privileges.png http://www.tuneld.com/news/?id=30 https://exchange.xforce.ibmcloud.com/vulnerabilities/14981 •
CVSS: 2.6EPSS: 3%CPEs: 5EXPL: 5CVE-2004-1907 – Kerio Personal Firewall 4.0.x - Web Filtering Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-1907
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". • https://www.exploit-db.com/exploits/23925 http://archives.neohapsis.com/archives/bugtraq/2004-04/0061.html http://marc.info/?l=bugtraq&m=108137421524251&w=2 http://secunia.com/advisories/11331 http://www.cipher.org.uk/index.php?p=advisories/HEX-Kerio_Personal_Firewall_Remote_DOS_7-04-2004.advisory http://www.securityfocus.com/bid/10075 https://exchange.xforce.ibmcloud.com/vulnerabilities/15821 •
CVSS: 5.0EPSS: 2%CPEs: 8EXPL: 2CVE-2004-1109 – Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1109
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field. • https://www.exploit-db.com/exploits/626 http://www.eeye.com/html/research/advisories/AD20041109.html http://www.kerio.com/security_advisory.html http://www.securityfocus.com/bid/11639 https://exchange.xforce.ibmcloud.com/vulnerabilities/17992 •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 1CVE-2004-1658
https://notcve.org/view.php?id=CVE-2004-1658
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. • http://marc.info/?l=bugtraq&m=109420310631039&w=2 http://secunia.com/advisories/12468 http://www.security.org.sg/vuln/kerio4016.html http://www.securityfocus.com/bid/11096 https://exchange.xforce.ibmcloud.com/vulnerabilities/17270 •