CVSS: 5.0EPSS: 2%CPEs: 8EXPL: 2CVE-2004-1109 – Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1109
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field. • https://www.exploit-db.com/exploits/626 http://www.eeye.com/html/research/advisories/AD20041109.html http://www.kerio.com/security_advisory.html http://www.securityfocus.com/bid/11639 https://exchange.xforce.ibmcloud.com/vulnerabilities/17992 •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 1CVE-2004-1658
https://notcve.org/view.php?id=CVE-2004-1658
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. • http://marc.info/?l=bugtraq&m=109420310631039&w=2 http://secunia.com/advisories/12468 http://www.security.org.sg/vuln/kerio4016.html http://www.securityfocus.com/bid/11096 https://exchange.xforce.ibmcloud.com/vulnerabilities/17270 •