Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
From: n3td3v <xploitable () gmail com>
Date: Tue, 9 Nov 2004 21:51:06 +0000

On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <mmaiffret () eeye com> wrote:

Systems Affected:
Kerio Personal Firewall 4.1.1 and prior

I assume you are not aware of the history of Kerio and how alot of
consumers maybe still on "Tiny" versions of the code.

Tiny Personal Firewall (all versions will also be vulnerable from this.)

Version 2.0.15 being the last released version before the code was
later handed to Kerio.

Further remarks on this would be helpful.



PS. I don't like eyee or the way they operate, i'm only replying to
help vulnerable users. (not eeye who pay ppl to send them exploits, so
they can get a world stage name for themselves) [scene whores of the
biggest description]

I'm a security enthusiast

My forum can be found via a geocities address at
http://www.geocities.com/n3td3v for off-thread feedback and comments.

(knowledge is power, eeye didn't even have the full history of the
code before they released this adviso, as said before, scene whores of
the highest degree)

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]