CVE-2003-1491
https://notcve.org/view.php?id=CVE-2003-1491
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. • http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html http://www.securiteam.com/securitynews/5FP0N1P9PI.html http://www.securityfocus.com/bid/7436 https://exchange.xforce.ibmcloud.com/vulnerabilities/11880 • CWE-16: Configuration CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2003-0220 – Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0220
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. Desbordamiento de búfer en el proceso de autenticación de Kerio Personal Firewall (KPF) 2.1.4 y anteriores permite a atacantes remotos ejecutar código arbitrario con un paquete de establecimiento de conexión (handshake). • https://www.exploit-db.com/exploits/22417 https://www.exploit-db.com/exploits/16465 https://www.exploit-db.com/exploits/1537 https://www.exploit-db.com/exploits/28 https://www.exploit-db.com/exploits/22418 http://marc.info/?l=bugtraq&m=105155734411836&w=2 http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 http://www.kb.cert.org/vuls/id/454716 http://www.securityfocus.com/bid/7180 - •
CVE-2003-0219
https://notcve.org/view.php?id=CVE-2003-0219
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. Kerio Personal Firewall (KPF) 2.1.4 y anteriores permiten a atacantes remotos ejecutar comandos administrativos olisqueando (sniffing) paquetes de una sesión válida y respondiéndolos contra el servidor de administración remota. • http://marc.info/?l=bugtraq&m=105155734411836&w=2 http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 http://www.kb.cert.org/vuls/id/641012 http://www.securityfocus.com/bid/7179 •
CVE-2002-2161
https://notcve.org/view.php?id=CVE-2002-2161
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. • http://online.securityfocus.com/archive/1/289119 http://www.iss.net/security_center/static/9963.php http://www.securityfocus.com/bid/5570 •