ID

VAR-200607-0364


CVE

CVE-2006-3787


TITLE

Sunbelt Kerio Personal Firewall kpf4ss.exe denial-of-service (DoS) vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2006-002875

DESCRIPTION

kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.

Sunbelt Kerio Personal Firewall is prone to a denial-of-service vulnerability. This issue can occur when a program calls the 'CreateRemoteThread' Windows API call. Exploitation of this vulnerability could cause the firewall application to crash. This could expose the computer to further attacks. The individual who discovered this vulnerability claims to have tested it on Sunbelt Kerio Personal Firewall versions 4.3.246 and 4.2.3.912. They were unable to reproduce the vulnerability on version 4.2.3.912, which is an older release. The vulnerable functionality may have been introduced at some point after the 4.2.3.912 release, but this has not been confirmed.

Trust: 2.07

sources: NVD: CVE-2006-3787 // JVNDB: JVNDB-2006-002875 // BID: 18996 // VULHUB: VHN-19895 // VULMON: CVE-2006-3787

AFFECTED PRODUCTS

vendor: kerio // model: personal firewall // scope: lte // version: 4.3.246

Trust: 1.0

vendor: kerio // model: personal firewall // scope: eq // version: 4.3.268

Trust: 0.8

vendor: kerio // model: personal firewall // scope: lt // version: 4.3.x

Trust: 0.8

vendor: kerio // model: personal firewall // scope: eq // version: 4.3.246

Trust: 0.6

vendor: sunbelt // model: software kerio personal firewall // scope: eq // version: 4.3.426

Trust: 0.3

vendor: sunbelt // model: software kerio personal firewall // scope: ne // version: 4.2.3912

Trust: 0.3

sources: BID: 18996 // JVNDB: JVNDB-2006-002875 // CNNVD: CNNVD-200607-390 // NVD: CVE-2006-3787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-3787
value: LOW

Trust: 1.0

NVD: CVE-2006-3787
value: LOW

Trust: 0.8

CNNVD: CNNVD-200607-390
value: LOW

Trust: 0.6

VULHUB: VHN-19895
value: LOW

Trust: 0.1

VULMON: CVE-2006-3787
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2006-3787
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-19895
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-19895 // VULMON: CVE-2006-3787 // JVNDB: JVNDB-2006-002875 // CNNVD: CNNVD-200607-390 // NVD: CVE-2006-3787

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3787

THREAT TYPE

local

Trust: 0.9

sources: BID: 18996 // CNNVD: CNNVD-200607-390

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200607-390

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-002875

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-19895 // VULMON: CVE-2006-3787

PATCH

title: Personal Firewall // url: http://www.vipreantivirus.com/VIPRE-Internet-Security/

Trust: 0.8

sources: JVNDB: JVNDB-2006-002875

EXTERNAL IDS

db: NVD // id: CVE-2006-3787

Trust: 2.6

db: BID // id: 18996

Trust: 2.1

db: VUPEN // id: ADV-2006-2828

Trust: 1.8

db: SREASON // id: 1260

Trust: 1.8

db: SECUNIA // id: 21060

Trust: 1.8

db: JVNDB // id: JVNDB-2006-002875

Trust: 0.8

db: CNNVD // id: CNNVD-200607-390

Trust: 0.7

db: BUGTRAQ // id: 20060715 KERIO TERMINATING 'KPF4SS.EXE' USING INTERNAL RUNTIME ERROR VULNERABILITY

Trust: 0.6

db: EXPLOIT-DB // id: 28228

Trust: 0.2

db: SEEBUG // id: SSVID-81805

Trust: 0.1

db: VULHUB // id: VHN-19895

Trust: 0.1

db: VULMON // id: CVE-2006-3787

Trust: 0.1

sources: VULHUB: VHN-19895 // VULMON: CVE-2006-3787 // BID: 18996 // JVNDB: JVNDB-2006-002875 // CNNVD: CNNVD-200607-390 // NVD: CVE-2006-3787

REFERENCES

url:http://www.matousec.com/info/advisories/kerio-terminating-kpf4ss-exe-using-internal-runtime-error.php

Trust: 2.1

url:http://www.securityfocus.com/bid/18996

Trust: 1.8

url:http://secunia.com/advisories/21060

Trust: 1.8

url:http://securityreason.com/securityalert/1260

Trust: 1.8

url:http://www.securityfocus.com/archive/1/440112/100/100/threaded

Trust: 1.2

url:http://www.vupen.com/english/advisories/2006/2828

Trust: 1.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3787

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3787

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/440112/100/100/threaded

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/2828

Trust: 0.6

url:http://www.sunbelt-software.com/kerio.cfm

Trust: 0.3

url:/archive/1/440112

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/28228/

Trust: 0.1

sources: VULHUB: VHN-19895 // VULMON: CVE-2006-3787 // BID: 18996 // JVNDB: JVNDB-2006-002875 // CNNVD: CNNVD-200607-390 // NVD: CVE-2006-3787

CREDITS

Discovery is credited to David Matousek.

Trust: 0.9

sources: BID: 18996 // CNNVD: CNNVD-200607-390

SOURCES

db: VULHUB // id: VHN-19895
db: VULMON // id: CVE-2006-3787
db: BID // id: 18996
db: JVNDB // id: JVNDB-2006-002875
db: CNNVD // id: CNNVD-200607-390
db: NVD // id: CVE-2006-3787

LAST UPDATE DATE

2025-04-03T22:31:26.282000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-19895 // date: 2018-10-17T00:00:00
db: VULMON // id: CVE-2006-3787 // date: 2018-10-17T00:00:00
db: BID // id: 18996 // date: 2006-07-28T22:27:00
db: JVNDB // id: JVNDB-2006-002875 // date: 2012-12-20T00:00:00
db: CNNVD // id: CNNVD-200607-390 // date: 2006-09-20T00:00:00
db: NVD // id: CVE-2006-3787 // date: 2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db: VULHUB // id: VHN-19895 // date: 2006-07-24T00:00:00
db: VULMON // id: CVE-2006-3787 // date: 2006-07-24T00:00:00
db: BID // id: 18996 // date: 2006-07-15T00:00:00
db: JVNDB // id: JVNDB-2006-002875 // date: 2012-12-20T00:00:00
db: CNNVD // id: CNNVD-200607-390 // date: 2006-07-24T00:00:00
db: NVD // id: CVE-2006-3787 // date: 2006-07-24T12:19:00