Vulnerabilities > CVE-2003-0220 - Remote Authentication Packet Buffer Overflow vulnerability in Kerio Personal Firewall 2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (2). CVE-2003-0220. Remote exploit for windows platform id EDB-ID:22418 last seen 2016-02-02 modified 2003-04-30 published 2003-04-30 reporter ThreaT source https://www.exploit-db.com/download/22418/ title Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow Vulnerability 2 description Kerio Firewall 2.1.4 Authentication Packet Overflow. CVE-2003-0220. Remote exploit for windows platform id EDB-ID:16465 last seen 2016-02-01 modified 2010-06-15 published 2010-06-15 reporter metasploit source https://www.exploit-db.com/download/16465/ title Kerio Firewall 2.1.4 - Authentication Packet Overflow description Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (1). CVE-2003-0220. Dos exploit for windows platform id EDB-ID:22417 last seen 2016-02-02 modified 2003-04-28 published 2003-04-28 reporter Core Security source https://www.exploit-db.com/download/22417/ title Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow Vulnerability 1 description Kerio Personal Firewall. CVE-2003-0220. Remote exploit for windows platform id EDB-ID:1537 last seen 2016-01-31 modified 2006-02-28 published 2006-02-28 reporter y0 source https://www.exploit-db.com/download/1537/ title Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow description Kerio Personal Firewall 2.1.4 Remote Code Execution Exploit. CVE-2003-0220. Remote exploit for windows platform id EDB-ID:28 last seen 2016-01-31 modified 2003-05-08 published 2003-05-08 reporter Burebista source https://www.exploit-db.com/download/28/ title Kerio Personal Firewall 2.1.4 - Remote Code Execution Exploit
Metasploit
description | This module exploits a stack buffer overflow in Kerio Personal Firewall administration authentication process. This module has only been tested against Kerio Personal Firewall 2 (2.1.4). |
id | MSF:EXPLOIT/WINDOWS/FIREWALL/KERIO_AUTH |
last seen | 2020-04-11 |
modified | 2017-07-24 |
published | 2006-09-13 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0220 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/firewall/kerio_auth.rb |
title | Kerio Firewall 2.1.4 Authentication Packet Overflow |
Nessus
NASL family | Firewalls |
NASL id | KERIO_PF_BUFFER_OVERFLOW.NASL |
description | Kerio Personal Firewall is vulnerable to a buffer overflow attack involving the administrator authentication process. An attacker may use this to crash Kerio or to execute arbitrary code on the system. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11575 |
published | 2003-05-06 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11575 |
title | Kerio Personal Firewall Administrator Authentication Handshake Packet Remote Buffer Overflow |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/82995/kerio_auth.rb.txt |
id | PACKETSTORM:82995 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | MC |
source | https://packetstormsecurity.com/files/82995/Kerio-Firewall-2.1.4-Authentication-Packet-Overflow.html |
title | Kerio Firewall 2.1.4 Authentication Packet Overflow |