On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <[EMAIL PROTECTED]> wrote:
Systems Affected: Kerio Personal Firewall 4.1.1 and prior
I assume you are not aware of the history of Kerio and how alot of consumers maybe still on "Tiny" versions of the code.
Tiny Personal Firewall (all versions will also be vulnerable from this.)
Does anyone actually *knows* if KPF 2 and the "Tiny" versions are vulnerable to this? Kerio's web page says:
"Affected products: Kerio Personal Firewall versions 4.0.0 thru 4.1.1"
This indicates that the error was introduced in version 4, whereas Eeye says "4.1.1 and prior".
Has anyone seen exploits for this circulating?
TIA
-- joerg klemenz <[EMAIL PROTECTED]>
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
