CVE-2004-1907 – Kerio Personal Firewall 4.0.x - Web Filtering Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-1907
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". • https://www.exploit-db.com/exploits/23925 http://archives.neohapsis.com/archives/bugtraq/2004-04/0061.html http://marc.info/?l=bugtraq&m=108137421524251&w=2 http://secunia.com/advisories/11331 http://www.cipher.org.uk/index.php?p=advisories/HEX-Kerio_Personal_Firewall_Remote_DOS_7-04-2004.advisory http://www.securityfocus.com/bid/10075 https://exchange.xforce.ibmcloud.com/vulnerabilities/15821 •
CVE-2004-1109 – Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1109
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field. • https://www.exploit-db.com/exploits/626 http://www.eeye.com/html/research/advisories/AD20041109.html http://www.kerio.com/security_advisory.html http://www.securityfocus.com/bid/11639 https://exchange.xforce.ibmcloud.com/vulnerabilities/17992 •
CVE-2004-1658
https://notcve.org/view.php?id=CVE-2004-1658
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. • http://marc.info/?l=bugtraq&m=109420310631039&w=2 http://secunia.com/advisories/12468 http://www.security.org.sg/vuln/kerio4016.html http://www.securityfocus.com/bid/11096 https://exchange.xforce.ibmcloud.com/vulnerabilities/17270 •