Sunbelt Kerio Personal Firewall 4.3.426 - CreateRemoteThread Denial of Service

EDB-ID:

28228




Platform:

Hardware

Date:

2006-07-15


source: https://www.securityfocus.com/bid/18996/info

Sunbelt Kerio Personal Firewall is prone to a denial-of-service vulnerability. This issue can occur when a program calls the 'CreateRemoteThread' Windows API call.

Exploitation of this vulnerability could cause the firewall application to crash. This could expose the computer to further attacks.

The individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/28228.zip