Kerio Personal Firewall has been reported vulnerable to a replay attack against the authenticated/encrypted channel used for remote administration. A remote attacker who is able to capture network traffic destined for the Kerio Personal Firewall may replay communication data captured from a valid remote firewall administration session. An attacker may exploit this vulnerability to capture commands that change the configuration or disable firewall directives and replay them at the attacker's convenience.
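The sketch below is an added example, not Kerio's protocol or code: it shows why a channel that only authenticates each frame still accepts a captured frame a second time, and how binding frames to a per-session random value and a strictly increasing counter rejects the replay. The frame layout, the key and the names `seal`, `AdminReceiver` and `demo` are assumptions made for illustration, and encryption is omitted because the replay does not depend on it.

```python
import hashlib
import hmac
import os
import struct

KEY = b"constructed-shared-admin-key"  # constructed sample key, not a real credential


def seal(key, session_id, counter, command):
    """Frame = session_id (16) || counter (8, big-endian) || command || HMAC-SHA256 tag."""
    header = session_id + struct.pack(">Q", counter)
    tag = hmac.new(key, header + command, hashlib.sha256).digest()
    return header + command + tag


class AdminReceiver:
    """Receiving side of one administration session (hypothetical design)."""

    def __init__(self, key, enforce_freshness=True):
        self.key = key
        self.enforce_freshness = enforce_freshness
        self.session_id = os.urandom(16)  # fresh random value per session, sent to the client
        self.last_counter = 0

    def accept(self, frame):
        """Return the command bytes if the frame is accepted, else None."""
        if len(frame) < 16 + 8 + 32:
            return None
        header, command, tag = frame[:24], frame[24:-32], frame[-32:]
        expected = hmac.new(self.key, header + command, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # forged or corrupted frame
        if self.enforce_freshness:
            session_id, (counter,) = header[:16], struct.unpack(">Q", header[16:])
            if session_id != self.session_id:
                return None  # frame captured from a different session
            if counter <= self.last_counter:
                return None  # frame already seen in this session
            self.last_counter = counter
        return command


def demo():
    """Deliver one valid frame twice to receivers with and without freshness checks."""
    strict, weak = AdminReceiver(KEY), AdminReceiver(KEY, enforce_freshness=False)
    frame = seal(KEY, strict.session_id, 1, b"constructed-command")
    return [strict.accept(frame), strict.accept(frame), weak.accept(frame), weak.accept(frame)]
```

With `enforce_freshness=False` the receiver accepts every delivery of the same frame because the tag alone is valid indefinitely; the strict receiver accepts it once and rejects the repeat.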