CVE-2004-1658

Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable.

Published: Sep 2, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-1658
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
kerio / personal_firewall	4.0.8	4.0.8.x
kerio / personal_firewall	4.0.7	4.0.7.x
kerio / personal_firewall	4.0.16	4.0.16.x
kerio / personal_firewall	4.0.10	4.0.10.x
kerio / personal_firewall	4.0.6	4.0.6.x
kerio / personal_firewall	4.0.9	4.0.9.x

http://marc.info/?l=bugtraq&m=109420310631039&w=2
http://secunia.com/advisories/12468/
http://www.security.org.sg/vuln/kerio4016.html
http://www.securityfocus.com/bid/11096
https://exchange.xforce.ibmcloud.com/vulnerabilities/17270

Vulnerability Database

289,871

CVE-2004-1658