CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 4CVE-2009-2450 – Online Armor < 3.5.0.12 - 'OAmon.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2450
13 Jul 2009 — The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses, as demonstrated using the 0x830020C3 IOCTL. El controlador del kernel OAmon.sys v 3.1.0.0 y anteriores en Tall Emu Online Armor Personal Firewall AV+ anterior a v3.5.0.12, y Personal Firewall 3.5 anterior a v3.5.0.14, per... • https://www.exploit-db.com/exploits/8875 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-3787 – Sunbelt Kerio Personal Firewall 4.3.426 - CreateRemoteThread Denial of Service
https://notcve.org/view.php?id=CVE-2006-3787
21 Jul 2006 — kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread. kpf4ss.exe en Sunbelt Kerio Personal Firewall 4.3.x anterior a 4.3.268 no se engancha adecuadamente a la función CreateRemoteThread de la API, lo cual permite a usuarios locales provocar una denegación de servicio (caída) y evitar mecanismos de protección lla... • https://www.exploit-db.com/exploits/28228 •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 1CVE-2003-0219
https://notcve.org/view.php?id=CVE-2003-0219
29 Apr 2003 — Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. Kerio Personal Firewall (KPF) 2.1.4 y anteriores permiten a atacantes remotos ejecutar comandos administrativos olisqueando (sniffing) paquetes de una sesión válida y respondiéndolos contra el servidor de administración remota. • http://marc.info/?l=bugtraq&m=105155734411836&w=2 •
CVSS: 9.8EPSS: 85%CPEs: 5EXPL: 6CVE-2003-0220 – Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0220
29 Apr 2003 — Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. Desbordamiento de búfer en el proceso de autenticación de Kerio Personal Firewall (KPF) 2.1.4 y anteriores permite a atacantes remotos ejecutar código arbitrario con un paquete de establecimiento de conexión (handshake). • https://www.exploit-db.com/exploits/22417 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2002-2161
https://notcve.org/view.php?id=CVE-2002-2161
31 Dec 2002 — Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. • http://online.securityfocus.com/archive/1/289119 •