CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2003-1491
https://notcve.org/view.php?id=CVE-2003-1491
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. • http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html http://www.securiteam.com/securitynews/5FP0N1P9PI.html http://www.securityfocus.com/bid/7436 https://exchange.xforce.ibmcloud.com/vulnerabilities/11880 • CWE-16: Configuration CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 0CVE-2002-2161
https://notcve.org/view.php?id=CVE-2002-2161
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. • http://online.securityfocus.com/archive/1/289119 http://www.iss.net/security_center/static/9963.php http://www.securityfocus.com/bid/5570 •