lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4b6ee9310411091351707d2355@mail.gmail.com>
From: xploitable at gmail.com (n3td3v)
Subject: EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <mmaiffret@...e.com> wrote:
> Vendor:
> Kerio
> 
> Systems Affected:
> Kerio Personal Firewall 4.1.1 and prior

I assume you are not aware of the history of Kerio and how alot of
consumers maybe still on "Tiny" versions of the code.

Tiny Personal Firewall (all versions will also be vulnerable from this.)

Version 2.0.15 being the last released version before the code was
later handed to Kerio.

Further remarks on this would be helpful.

Thanks,

n3td3v

PS. I don't like eyee or the way they operate, i'm only replying to
help vulnerable users. (not eeye who pay ppl to send them exploits, so
they can get a world stage name for themselves) [scene whores of the
biggest description]

I'm a security enthusiast

My forum can be found via a geocities address at
http://www.geocities.com/n3td3v for off-thread feedback and comments.

(knowledge is power, eeye didn't even have the full history of the
code before they released this adviso, as said before, scene whores of
the highest degree)


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ