Vulnerabilities > CVE-2004-1109 - Denial Of Service vulnerability in Kerio Personal Firewall IP Options

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
kerio
exploit available

Summary

The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.

Exploit-Db

descriptionKerio Personal Firewall <= 4.1.1 Multiple IP Options DoS Exploit. CVE-2004-1109. Dos exploit for windows platform
idEDB-ID:626
last seen2016-01-31
modified2004-11-12
published2004-11-12
reporterhouseofdabus
sourcehttps://www.exploit-db.com/download/626/
titleKerio Personal Firewall <= 4.1.1 - Multiple IP Options DoS Exploit