mailing list archives
Re: EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
From: n3td3v <xploitable () gmail com>
Date: Tue, 9 Nov 2004 21:51:06 +0000
On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <mmaiffret () eeye com> wrote:
Kerio Personal Firewall 4.1.1 and prior
I assume you are not aware of the history of Kerio and how alot of
consumers maybe still on "Tiny" versions of the code.
Tiny Personal Firewall (all versions will also be vulnerable from this.)
Version 2.0.15 being the last released version before the code was
later handed to Kerio.
Further remarks on this would be helpful.
PS. I don't like eyee or the way they operate, i'm only replying to
help vulnerable users. (not eeye who pay ppl to send them exploits, so
they can get a world stage name for themselves) [scene whores of the
I'm a security enthusiast
My forum can be found via a geocities address at
http://www.geocities.com/n3td3v for off-thread feedback and comments.
(knowledge is power, eeye didn't even have the full history of the
code before they released this adviso, as said before, scene whores of
the highest degree)
Full-Disclosure - We believe in it.