VULHUB ™

A vulnerability is reported to affect Kerio Personal Firewall (KPF) 'Application Security' functionality that could permit an executable that is run by an administrator to disable KPF 'Application Security' functionality. It is reported that (KPF) 'Application Security' functionality employs a modified Service Description Table in order to function. It is possible to restore the Service Description Table to its original state. A malicious application that is run by an administrator can read an intact SDT table from kernel memory and restore the SDT table in the running kernel by writing to kernel memory space. This will disable Kerio Personal Firewall (KPF) 'Application Security' functionality.

A vulnerability is reported to affect Kerio Personal Firewall (KPF) 'Application Security' functionality that could permit an executable that is run by an administrator to disable KPF 'Application Security' functionality. It is reported that (KPF) 'Application Security' functionality employs a modified Service Description Table in order to function. It is possible to restore the Service Description Table to its original state. A malicious application that is run by an administrator can read an intact SDT table from kernel memory and restore the SDT table in the running kernel by writing to kernel memory space. This will disable Kerio Personal Firewall (KPF) 'Application Security' functionality.