s0h: Kerio Personal Firewall and Tiny Personal Firewall remote exploit/patch.

From: descript (descript_at_sv98.s0h.cc)
Date: 05/08/03

  • Next message: Qazi Ahmed: "Multiple Vulnerabilities found in Microsoft .Net Passport Services"
    Date: Thu, 8 May 2003 20:05:56 +0000
    To: vuln-dev@securityfocus.com
    
    

    Hello,

    April 28, 2003, the CoreSecurity team publishes security advisory concerning 2 holes in Kiero Personal Firewall, of which one of both is Remote Buffer Overflow in the process of connection of the remote admin module.
    Kiero Personal Firewall using PFEngine, an common firewall engine, it proves that the vulnerability is also present in Tiny Personal Firewall!
    In the same time, every PFE firewall based products are vulnerable...

    Today, the Thursday, May 8, 2003 6:27 PM, ThreaT (again@#!) from Skin Of Humanity Group released the exploit and the UNOFFICIAL patch for Kerio Personal Firewall version 2.1.4.0 (and previous versions) and Tiny Personal Firewall version 2.0.15.0.

    Please enjoy sources of the patch at : http://www.s0h.cc/~threat/goodies/PFpatch/sources_PFpatch.zip

    To correct this problem on your personnal firewall use this address : http://www.s0h.cc/~threat/goodies/PFpatch/PFpatch.exe

    To understanding the hole and the exploitation method please get the exploit at http://www.s0h.cc/~threat/source/PFExploit.c.

    A french advisory was writed at http://s0h.cc/~threat/goodies/PFpatch/

    Sight that Kiero did not want to answer the CoreSecurity request, we did not inform Kerio. i think they do not understood what it passed. (no offence).

    Special Thanks to :
         - Emiliano Kargieman from CoreSecurity
         - Hernán Gips from CoreSecurity
         - Javier Burroni from CoreSecurity
         - ThreaT from Skin Of Humanity

    Please note :
    The Skin Of Humanity Group protect all its members.if a problem occurs concerning this diffusion, the author is not responsible, the leader of the group is in all the responsible case of cause. Since the diffusion does not come from the creator but from the group. Thank you.
    Best regards and respect,
    Descript. <descript@s0h.cc>
    Skin Of Humanity
    http://s0h.cc/


  • Next message: Qazi Ahmed: "Multiple Vulnerabilities found in Microsoft .Net Passport Services"

    Relevant Pages

    • [NT] Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Tiny Personal Firewall 3.0 for Windows platform contains Denial of Service ... crash the operating system consuming 100% of your CPU resources. ... 1] DoS vulnerability with Tiny Personal Firewall 3.0 Default Installation ...
      (Securiteam)
    • s0h: Kerio Personal Firewall and Tiny Personal Firewall remote exploit/patch.
      ... Kiero Personal Firewall using PFEngine, an common firewall engine, it proves that the vulnerability is also present in Tiny Personal Firewall! ... every PFE firewall based products are vulnerable... ...
      (Bugtraq)
    • Re: Comodo Personal Firewall
      ... |> I would like to announce that v.2 of Comodo personal firewall is now ... CPF 2 passes the breakout leak test. ... All systems have a measure of vulnerability. ... | Have you implemented a security system for Windows messages and a security ...
      (comp.security.firewalls)
    • NSSI-2002-tpfw: Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities
      ... NSSI-Research Labs Security Advisory ... Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities ... Vendor Status: No Response for 1 1/2 weeks after the notice. ... 1] DoS vulnerability with Tiny Personal Firewall 3.0 Default Installation ...
      (Bugtraq)
    • Kerio Personal Firewall DOS Vulnerability
      ... NSSI-Research Labs Security Advisory ... Kerio Personal Firewall 2.x.x Denial of Service Vulnerability ... Vendor Status: Vendor inform us to release new version and hopefully it would patch the vulnerability. ...
      (Bugtraq)