Vulnerabilities > CVE-2003-1491 - Configuration vulnerability in Kerio Personal Firewall 2.1.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Firewalls |
| NASL id | KERIO_PF_UDPBYPASS.NASL |
| description | It is possible to bypass the rules of the remote firewall by sending UDP packets with a source port equal to 53. An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11580 |
| published | 2003-05-06 |
| reporter | This script is Copyright (C) 2003-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/11580 |
| title | Firewall UDP Packet Source Port 53 Ruleset Bypass |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html
- http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html
- http://www.securiteam.com/securitynews/5FP0N1P9PI.html
- http://www.securiteam.com/securitynews/5FP0N1P9PI.html
- http://www.securityfocus.com/bid/7436
- http://www.securityfocus.com/bid/7436
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11880