Sign-up

ID

VAR-200312-0440


CVE

CVE-2003-1491


TITLE

Kerio Personal Firewall Firewall Filter Bypass Vulnerability

Trust: 0.9

sources: BID: 7436 // CNNVD: CNNVD-200312-079

DESCRIPTION

Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. Reportedly, KPF suffers from a vulnerability whereby the existing firewall filters may be bypassed. This vulnerability exists due to the fact that UDP traffic to and from port 53 is allowed. Allegedly, an attacker may craft a special packet with a source port of 53 and send this packet to a vulnerable system. KPF will allow this packet to proceed thus bypassing the firewall filters

Trust: 1.35

sources: NVD: CVE-2003-1491 // BID: 7436 // VULHUB: VHN-8316 // VULMON: CVE-2003-1491

AFFECTED PRODUCTS

vendor:keriomodel:personal firewallscope:eqversion:2.1.4

Trust: 1.6

vendor:keriomodel:personal firewallscope:eqversion:22.1.4

Trust: 0.3

sources: BID: 7436 // CNNVD: CNNVD-200312-079 // NVD: CVE-2003-1491

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-1491
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200312-079
value: HIGH

Trust: 0.6

VULHUB: VHN-8316
value: HIGH

Trust: 0.1

VULMON: CVE-2003-1491
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2003-1491
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-8316
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-8316 // VULMON: CVE-2003-1491 // CNNVD: CNNVD-200312-079 // NVD: CVE-2003-1491

PROBLEMTYPE DATA

problemtype:CWE-16

Trust: 1.1

problemtype:CWE-94

Trust: 1.1

sources: VULHUB: VHN-8316 // NVD: CVE-2003-1491

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200312-079

TYPE

Configuration Error

Trust: 0.9

sources: BID: 7436 // CNNVD: CNNVD-200312-079

EXTERNAL IDS

db:BIDid:7436

Trust: 2.1

db:NVDid:CVE-2003-1491

Trust: 1.8

db:CNNVDid:CNNVD-200312-079

Trust: 0.7

db:XFid:11880

Trust: 0.6

db:FULLDISCid:20030422 UDP BYPASSING IN KERIO FIREWALL 2.1.4

Trust: 0.6

db:VULHUBid:VHN-8316

Trust: 0.1

db:VULMONid:CVE-2003-1491

Trust: 0.1

sources: VULHUB: VHN-8316 // VULMON: CVE-2003-1491 // BID: 7436 // CNNVD: CNNVD-200312-079 // NVD: CVE-2003-1491

REFERENCES

url:http://www.securityfocus.com/bid/7436

Trust: 1.8

url:http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/0352.html

Trust: 1.8

url:http://www.securiteam.com/securitynews/5fp0n1p9pi.html

Trust: 1.8

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/11880

Trust: 1.2

url:http://xforce.iss.net/xforce/xfdb/11880

Trust: 0.6

url:http://www.kerio.com

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/94.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/16.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-8316 // VULMON: CVE-2003-1491 // BID: 7436 // CNNVD: CNNVD-200312-079 // NVD: CVE-2003-1491

CREDITS

Discovery of this issue credited to David F. Madrid.

Trust: 0.9

sources: BID: 7436 // CNNVD: CNNVD-200312-079

SOURCES

db:VULHUBid:VHN-8316
db:VULMONid:CVE-2003-1491
db:BIDid:7436
db:CNNVDid:CNNVD-200312-079
db:NVDid:CVE-2003-1491

LAST UPDATE DATE

2024-08-14T15:40:56.093000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-8316date:2017-07-29T00:00:00
db:VULMONid:CVE-2003-1491date:2017-07-29T00:00:00
db:BIDid:7436date:2003-04-25T00:00:00
db:CNNVDid:CNNVD-200312-079date:2003-12-31T00:00:00
db:NVDid:CVE-2003-1491date:2017-07-29T01:29:14.140

SOURCES RELEASE DATE

db:VULHUBid:VHN-8316date:2003-12-31T00:00:00
db:VULMONid:CVE-2003-1491date:2003-12-31T00:00:00
db:BIDid:7436date:2003-04-25T00:00:00
db:CNNVDid:CNNVD-200312-079date:2003-12-31T00:00:00
db:NVDid:CVE-2003-1491date:2003-12-31T05:00:00