| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 3.3 | $0-$5k | 0.12 |
Summary
A vulnerability, which was classified as problematic, has been found in Kerio WinRoute Firewall. The affected element is an unknown function of the component SMTP Inspector. Performing a manipulation results in denial of service. There is no exploit available. It is suggested to use restrictive firewalling.
Details
A vulnerability, which was classified as problematic, was found in Kerio WinRoute Firewall (Firewall Software) (affected version unknown). This affects an unknown functionality of the component SMTP Inspector. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability.
The weakness was shared 12/09/2004 by Kerio Technologies and Inc. with Kerio Technologies, Inc. (Website). The advisory is shared at kerio.com. Neither technical details nor an exploit are publicly available.
It is possible to mitigate the weakness by firewalling .
The vulnerability is also documented in the databases at X-Force (18410), SecurityFocus (BID 11870†), OSVDB (12294†) and Secunia (SA13374†). The entries VDB-23367, VDB-28416, VDB-30122 and VDB-40069 are related to this item. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: http://kerio.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 3.3VulDB Meta Temp Score: 3.3
VulDB Base Score: 3.3
VulDB Temp Score: 3.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: FirewallStatus: 🔍
0-Day Time: 🔍
Timeline
12/09/2004 🔍12/09/2004 🔍
12/09/2004 🔍
12/10/2004 🔍
04/12/2016 🔍
10/05/2018 🔍
Sources
Vendor: kerio.comAdvisory: kerio.com
Researcher: Kerio Technologies, Inc.
Organization: Kerio Technologies, Inc.
Status: Not defined
GCVE (VulDB): GCVE-100-82209
X-Force: 18410
SecurityFocus: 11870 - Kerio WinRoute Firewall Multiple Unspecified Remote Vulnerabilities
Secunia: 13374 - Kerio WinRoute Firewall Two Vulnerabilities, Moderately Critical
OSVDB: 12294 - Kerio WinRoute Firewall SMTP Inspector Unspecified DoS
See also: 🔍
Entry
Created: 04/12/2016 18:00Updated: 10/05/2018 07:36
Changes: 04/12/2016 18:00 (43), 10/05/2018 07:36 (9)
Complete: 🔍
Cache ID: 216:29A:103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.