Vulnerabilities > Kerio > Personal Firewall > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1062 | Remote Security vulnerability in Kerio products The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods. | 7.5 |
2004-12-31 | CVE-2004-2329 | Local Privilege Escalation vulnerability in Kerio Personal Firewall 2.1.5 Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box. | 7.2 |
2003-12-31 | CVE-2003-1491 | Code Injection vulnerability in Kerio Personal Firewall 2.1.4 Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. | 7.5 |