[guru] Fwd: [david@matousec.com: Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability]
DATE: Mon, 17 Jul 2006 17:45:15 +0200
Biztonsági hibát találtak a Sunbelt Kerio Personal Firewall-ban.
A Windows API CreateRemoteThread user módban kapcsolódik a Kerio minden
processzéhez. Az API hívása a Kerio szervíz (kpf4ss.exe) összeomlásához
vezethet, ami a védelem kikpcsolásával egyenlő.
----- Forwarded message from David Matousek <david@matousec.com> -----
Date: Sat, 15 Jul 2006 10:26:03 +0200
From: David Matousek <david@matousec.com>
To: bugtraq@securityfocus.com
Subject: Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0
Hello,
I would like to inform you about a vulnerability in Sunbelt Kerio Personal Firewall found by
Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php
--
David Matousek
Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/
----- End forwarded message -----