Vulnerabilities > CVE-2005-3286 - Unspecified vulnerability in Kerio Personal Firewall and Serverfirewall
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037958.html
- http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt
- http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt
- http://seclists.org/bugtraq/2005/Oct/166
- http://seclists.org/bugtraq/2005/Oct/166
- http://secunia.com/advisories/17155
- http://secunia.com/advisories/17155
- http://securityreason.com/securityalert/78
- http://securityreason.com/securityalert/78
- http://www.kerio.com/security_advisory.html
- http://www.kerio.com/security_advisory.html
- http://www.osvdb.org/19961
- http://www.osvdb.org/19961
- http://www.securityfocus.com/bid/15094
- http://www.securityfocus.com/bid/15094