Re: EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

[n3td3v <xploitable () gmail com>]

On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <mmaiffret () eeye com> wrote:
> Vendor:
> Kerio
>
> Systems Affected:
> Kerio Personal Firewall 4.1.1 and prior

I assume you are not aware of the history of Kerio and how alot of
consumers maybe still on "Tiny" versions of the code.

Tiny Personal Firewall (all versions will also be vulnerable from this.)

Version 2.0.15 being the last released version before the code was
later handed to Kerio.

Further remarks on this would be helpful.

Thanks,

n3td3v

PS. I don't like eyee or the way they operate, i'm only replying to
help vulnerable users. (not eeye who pay ppl to send them exploits, so
they can get a world stage name for themselves) [scene whores of the
biggest description]

I'm a security enthusiast

My forum can be found via a geocities address at
http://www.geocities.com/n3td3v for off-thread feedback and comments.

(knowledge is power, eeye didn't even have the full history of the
code before they released this adviso, as said before, scene whores of
the highest degree)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html