Filtered by vendor Kerio
Subscribe
Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1907 | 1 Kerio | 1 Personal Firewall | 2024-02-28 | 2.6 LOW | N/A |
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". | |||||
CVE-2003-0487 | 1 Kerio | 1 Kerio Mailserver | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | |||||
CVE-2003-0219 | 1 Kerio | 1 Personal Firewall 2 | 2024-02-28 | 7.5 HIGH | N/A |
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. | |||||
CVE-2003-1491 | 1 Kerio | 1 Personal Firewall | 2024-02-28 | 7.5 HIGH | N/A |
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. |