To any users of Kerio Personal Firewall:
Secunia Advisory: SA14717 Print Advisory Release Date: 2005-03-30
Critical: Not critical Impact: Security Bypass Where: Local system Solution Status: Vendor Patch
Software: Kerio Personal Firewall 4.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Petr Matousek has reported a vulnerability in Kerio Personal Firewall, which can be exploited by malicious programs to bypass the firewall rules.
The vulnerability is caused due to an error making it possible for a malicious process to bypass the firewall network rules by impersonating another process allowed to access the Internet.
Successful exploitation requires that a malicious program has been executed on the user's system.
The vulnerability affects versions 4.1.2 and prior.
Solution: Update to version 4.1.3.
Provided and/or discovered by: Petr Matousek
Original Advisory: Kerio: http://www.kerio.com/security_advisory.html#0503
Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
Peter Kaulback -- -- I haven't failed, I've found 10,000 ways that don't work.
Thomas Edison (1847-1931) ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
