Kerio Personal Firewall URL Handling Denial of Service |
||
---|---|---|
#0
| ||
11.04.2004, 17:09
Moderator
Beiträge: 6466 |
||
|
||
14.04.2004, 12:23
Ehrenmitglied
Beiträge: 2283 |
#2
Vulnerable Systems:
* Kerio Personal Firewall version 4.0.13 When filtering URLs that contain the characters 0x13, 0x12, 0x13, the GUI application will crash because it cannot handle them. Kerio can also be made to crash remotely using URL redirection or an IFRAME. Repeatedly sending malformed URLs will eventually cause the Firewall to crash entirely. Workaround Disable web filtering completely until an update is available. __________ powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ... |
|
|
Zitat
Quelle und mehr Info: http://secunia.com/advisories/11331/__________
Durchsuchen --> Aussuchen --> Untersuchen