lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <42552.80.58.4.235.1051023470.squirrel@www.vsantivirus.com>
From: conde0 at telefonica.net (David F. Madrid)
Subject: UDP bypassing in Kerio Firewall 2.1.4

Issue : UDP bypassing in Kerio Firewall

Affected product : Kerio Firewall 2.1.4 ( last build in his website )

Vendor status : vendor was contacted months ago

Tested Enviroment : switched LAN

Description :

Kerio develops a free firewall thats ships with default rules . Every
incoming / outgoing packet is compared against the default ruleset . As
the first rule accepts incoming packets if remote port is equal to 53 (
DNS ) the firewall can be easily bypassed just setting the source port of
the attack to 53
Exploit : nmap -v -P0 -sU -p 1900 192.168.0.5 -g 53

Recomendations : set a rule to restrict the local ports to a range of
1024-5000 for DNS connections

-- 
Regards ,

David F. Madrid
Madrid , Spain

www.nautopia.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ