Vulnerabilities > CVE-2005-0964 - Local Network Access Restriction Bypass vulnerability in Kerio Personal Firewall

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

kerio

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Kerio Kerio Personal Firewall 4.0.6 Kerio Personal Firewall 4.0.7 Kerio Personal Firewall 4.0.8 Kerio Personal Firewall 4.0.9 Kerio Personal Firewall 4.0.10 Kerio Personal Firewall 4.0.16 Kerio Personal Firewall 4.1 Kerio Personal Firewall 4.1.1 Kerio Personal Firewall 4.1.2	9

References

http://secunia.com/advisories/14717
http://securitytracker.com/id?1013607
http://www.kerio.com/security_advisory.html#0503
http://www.securityfocus.com/bid/12946
https://exchange.xforce.ibmcloud.com/vulnerabilities/19893