Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2005-3286

Description

The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."

POC

Reference

- http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt

- http://seclists.org/bugtraq/2005/Oct/166

- http://securityreason.com/securityalert/78

Github

No PoCs found on GitHub currently.