漏洞信息详情
Kerio管理端口拒绝服务漏洞
- CNNVD编号:CNNVD-200504-125 <!--
- 危害等级: 中危-->
- 危害等级: 中危
- CVE编号: CVE-2005-1063
- 漏洞类型: 其他
- 发布时间: 2005-04-29
- 威胁类型: 远程
- 更新时间: 2006-09-27
- 厂 商: kerio
- 漏洞来源: Javier Munoz (Secu...
-
漏洞简介
Kerio WinRoute Firewall是美国Kerio公司的一款企业级防火墙,它提供Internet共享、病毒防护和透明代理等功能。
用于Kerio WinRoute Firewall 6.x至6.0.10、Personal Firewall 4.x至4.1.2和MailServer up to 6.0.8版本的管理协议使得远程攻击者可以通过强制产品\"计算意外条件\"和\"执行密码操作\"的特定攻击从而发起拒绝服务攻击(CPU耗损)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Kerio Personal Firewall 4.0.10
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.0.16
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.0.6
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.0.7
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.0.8
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.0.9
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.1
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.1.1
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Personal Firewall 4.1.2
Kerio Kerio Personal Firewall 4.1.3
http://www.kerio.com/kpf_download.html
Kerio Mailserver 6.0
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio Mailserver 6.0.1
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0.1
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio Mailserver 6.0.2
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0.2
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio Mailserver 6.0.3
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0.3
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio Mailserver 6.0.4
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0.4
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio Mailserver 6.0.5
Kerio Kerio MailServer 6.0.9
http://www.kerio.com/kms_download.html
Kerio WinRoute Firewall 6.0.5
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio WinRoute Firewall 6.0.6
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio WinRoute Firewall 6.0.7
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio WinRoute Firewall 6.0.8
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
Kerio WinRoute Firewall 6.0.9
Kerio WinRoute Firewall 6.0.11
http://www.kerio.com/kwf_download.html
参考网址
来源: BUGTRAQ
名称: 20050429 [CAN-2005-1063] Administration protocol abuse leads to Service and System Denial of Service
链接:http://www.securityfocus.com/archive/1/397220
来源: www.kerio.com
链接:http://www.kerio.com/security_advisory.html
受影响实体
- Kerio Kerio_mailserver:6.0<!--2000-1-1-->
- Kerio Kerio_mailserver:6.0.1<!--2000-1-1-->
- Kerio Kerio_mailserver:6.0.2<!--2000-1-1-->
- Kerio Kerio_mailserver:6.0.3<!--2000-1-1-->
- Kerio Kerio_mailserver:6.0.4<!--2000-1-1-->
补丁
暂无
还没有评论,来说两句吧...