Kerio Personal Firewall Denial of Service Vulnerability
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
eEye Digital Security has reported a vulnerability in Kerio Personal Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an error in “FWDRV.SYS” when performing low-level processing of TCP, UDP, and ICMP packets. This can be exploited to consume all available CPU resources by sending a specially crafted packet containing an IP option followed by a length field with the value of “0x00”.
Successful exploitation causes the system to stop responding and requires the system to be restarted.
The vulnerability affects versions 4.0.0 through 4.1.1.
Solution: Update to version 4.1.2.
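The length check that the flaw described above calls for, as an added example that is not part of the original advisory and not Kerio's code: an IPv4 option walker that rejects a length field below 2 instead of advancing by it. That the CPU exhaustion comes from a loop stepping by the option length is an assumption, and the function and constant names are illustrative.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { OPT_OK = 0, OPT_BAD_LENGTH = -1, OPT_TRUNCATED = -2 };  /* illustrative names */
#define IPOPT_EOL 0   /* End of Option List: one byte, no length field */
#define IPOPT_NOP 1   /* No Operation: one byte, no length field */

/* Walk the IPv4 options area (the bytes after the fixed 20-byte header).
 * Returns OPT_OK if every option is well-formed; *count gets the number
 * of options walked before EOL or the end of the area. */
int walk_ip_options(const uint8_t *opts, size_t len, size_t *count)
{
    size_t off = 0;
    *count = 0;
    while (off < len) {
        uint8_t type = opts[off];
        if (type == IPOPT_EOL)
            break;                        /* remainder is padding */
        if (type == IPOPT_NOP) {
            off += 1;
            (*count)++;
            continue;
        }
        if (len - off < 2)                /* no room for the length byte */
            return OPT_TRUNCATED;
        uint8_t optlen = opts[off + 1];
        /* The length counts the type and length bytes themselves, so any
         * value below 2 is invalid. With 0, "off += optlen" would never
         * advance and the loop would spin on the same option forever. */
        if (optlen < 2)
            return OPT_BAD_LENGTH;
        if (optlen > len - off)           /* option runs past the header */
            return OPT_TRUNCATED;
        off += optlen;
        (*count)++;
    }
    return OPT_OK;
}

int main(void)
{
    /* Constructed option bytes, not captured traffic. */
    const uint8_t ok[]   = { 0x01, 0x07, 0x03, 0x04 };  /* NOP, Record Route len 3 */
    const uint8_t zero[] = { 0x07, 0x00, 0x00, 0x00 };  /* length field 0x00 */
    size_t n;
    printf("well-formed: %d\n", walk_ip_options(ok, sizeof ok, &n));
    printf("zero length: %d\n", walk_ip_options(zero, sizeof zero, &n));
    return 0;
}
```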
