Kerio Personal Firewall Engine Denial of Service

Affected Software: Kerio Personal Firewall 4.x


David Matousek has discovered a vulnerability in Kerio Personal Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service).


The vulnerability is caused by a logic error in the kpf4ss.exe service's hook for the “CreateRemoteThread()” API. A local user can trigger a runtime error in the service via a “CreateRemoteThread()” API call, causing the firewall engine to fail.


The vulnerability has been confirmed in version 4.3.246. Other versions may also be affected.


Solution: Grant only trusted users access to affected systems.


http://secunia.com/advisories/21060/


Update: Sunbelt released an update to its firewall software to fix the above issue. See Sunbelt’s blog for details.