If you are running Kerio Personal Firewall then you should read on:
Kerio Products Password Brute Force and Denial of Service
Secunia Advisory: SA15179
Release Date: 2005-05-02
Critical: Not critical
Impact: Brute force, DoS
Where: From local network
Solution Status: Vendor Patch
Software: Kerio MailServer 5.x, Kerio MailServer 6.x, Kerio Personal Firewall 2.x, Kerio Personal Firewall 3.x, Kerio Personal Firewall 4.x, Kerio WinRoute Firewall 5.x, Kerio WinRoute Firewall 6.x
CVE reference: CAN-2005-1062 CAN-2005-1063
Description:
Javier Munoz has reported two weaknesses in Kerio WinRoute Firewall, Kerio MailServer and Kerio Personal Firewall, which can be exploited by malicious people with network access to the remote administration port to cause a DoS (Denial of Service) and to brute force passwords.
1) The remote administration protocol allows multiple login attempts over a single connection. An attacker who knows a valid username can exploit this to brute force the password, since nothing forces the attacker to reconnect between attempts.
2) The remote administration protocol does not limit certain repeated pre-authentication messages. An attacker can make a vulnerable system consume a large amount of CPU resources by continuously sending specially crafted messages, without ever authenticating.
The weaknesses affect the following versions:
* Kerio WinRoute Firewall version 6.0.10 and prior.
* Kerio MailServer version 6.0.8 and prior.
* Kerio Personal Firewall version 4.1.2 and prior.
Solution:
The weaknesses have been fixed in the following versions:
* Kerio WinRoute Firewall version 6.0.11 and later.
* Kerio MailServer version 6.0.9 and later.
* Kerio Personal Firewall version 4.1.3 and later.
Restrict access to the administration ports to trusted management hosts. Because both weaknesses require reaching the remote administration port, this also mitigates them on installations that cannot be upgraded immediately.
Provided and/or discovered by: Javier Munoz, Secure Computer Group.
Original Advisory: Secure Computer Group: http://research.tic.udc.es/scg/advisories/20050429-1.txt http://research.tic.udc.es/scg/advisories/20050429-2.txt
Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.
Peter Kaulback
--
I haven't failed, I've found 10,000 ways that don't work.
Thomas Edison (1847-1931)

PCWorks Mailing List
Posting guidelines: http://pcworkers.com/rules.htm
Unsubscribing and other changes: http://pcworkers.com
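The two weaknesses in the advisory above come down to a server that lets one connection keep sending login attempts and pre-authentication messages without limit. The following is an added example, not code from the advisory, from Secure Computer Group or from Kerio: a toy remote administration handler that shows the weak behaviour next to a hardened version. The message format (HELLO and LOGIN tuples), the user database, the limit values and all function names are hypothetical; the real Kerio protocol is not documented on this page.

```python
"""Added example, not code from the advisory or from Kerio: a toy remote
administration login handler that shows the two weaknesses in generic form
next to a hardened version. The message format (HELLO / LOGIN tuples), the
user database and the limits below are all hypothetical."""

import hmac

# Constructed credential store for the demo (hypothetical, not a real account).
USERS = {"admin": "correct horse battery staple"}

# Hypothetical per-connection budgets a hardened server would enforce.
MAX_LOGIN_ATTEMPTS_PER_CONNECTION = 3
MAX_PREAUTH_MESSAGES_PER_CONNECTION = 10


def check_password(user, password):
    """Constant-time password check; unknown users compare against an empty
    secret so the code path is the same whether or not the user exists."""
    stored = USERS.get(user, "")
    ok = hmac.compare_digest(stored.encode(), password.encode())
    return ok and stored != ""


def vulnerable_session(messages):
    """Weaknesses 1 and 2 in generic form: the loop never limits how many LOGIN
    or pre-authentication HELLO messages one connection may send, so an
    attacker can try a whole wordlist, or burn CPU, on a single socket."""
    authenticated = False
    attempts = 0
    preauth_work = 0
    for kind, *args in messages:
        if kind == "HELLO":
            preauth_work += 1      # stands in for server-side work per handshake
        elif kind == "LOGIN":
            attempts += 1
            if check_password(*args):
                authenticated = True
                break
    return {"authenticated": authenticated, "attempts": attempts,
            "preauth_work": preauth_work, "closed": None}


def hardened_session(messages):
    """Fail closed: drop the connection after a few failed logins and after a
    bounded number of pre-authentication messages."""
    authenticated = False
    attempts = 0
    preauth_work = 0
    closed = None
    for kind, *args in messages:
        if kind == "HELLO":
            preauth_work += 1
            if preauth_work > MAX_PREAUTH_MESSAGES_PER_CONNECTION:
                closed = "too many pre-auth messages"
                break
        elif kind == "LOGIN":
            attempts += 1
            if check_password(*args):
                authenticated = True
                break
            if attempts >= MAX_LOGIN_ATTEMPTS_PER_CONNECTION:
                closed = "too many failed logins"
                break
    return {"authenticated": authenticated, "attempts": attempts,
            "preauth_work": preauth_work, "closed": closed}


def brute_force_messages(user, wordlist):
    """What an attacker who knows the username sends over one connection."""
    return [("LOGIN", user, pw) for pw in wordlist]


def preauth_flood(count):
    """Repeated pre-authentication messages, never followed by a login."""
    return [("HELLO",)] * count


if __name__ == "__main__":
    # Constructed wordlist with the real password last.
    wordlist = ["password", "admin", "kerio", "letmein", "correct horse battery staple"]
    print("vulnerable:", vulnerable_session(brute_force_messages("admin", wordlist)))
    print("hardened:  ", hardened_session(brute_force_messages("admin", wordlist)))
    print("vulnerable:", vulnerable_session(preauth_flood(1000)))
    print("hardened:  ", hardened_session(preauth_flood(1000)))
```

The per-connection caps only remove the cheap path; an attacker can still reconnect, so a real fix also needs rate limiting or lockout tracked across connections (per source address or per account), and the advisory's advice to restrict the administration ports to trusted hosts still applies on top of it.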
