{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-09-02T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.security.org.sg/vuln/kerio4016.html"}, {"name": "kerio-pf-protection-dos(17270)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"}, {"name": "11096", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11096"}, {"name": "12468", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/12468/"}, {"name": "20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=109420310631039&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1658", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.security.org.sg/vuln/kerio4016.html", "refsource": "MISC", "url": "http://www.security.org.sg/vuln/kerio4016.html"}, {"name": "kerio-pf-protection-dos(17270)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"}, {"name": "11096", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11096"}, {"name": "12468", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12468/"}, {"name": "20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109420310631039&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:00:36.880Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.security.org.sg/vuln/kerio4016.html"}, {"name": "kerio-pf-protection-dos(17270)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"}, {"name": "11096", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11096"}, {"name": "12468", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/12468/"}, {"name": "20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=109420310631039&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1658", "datePublished": "2005-02-20T05:00:00.000Z", "dateReserved": "2005-02-21T00:00:00.000Z", "dateUpdated": "2024-08-08T01:00:36.880Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E6C66920-4A4F-4335-B052-44E1F92F585B", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "658F01AE-C211-473C-BF70-E524E4310F20", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "1F769FAE-CC31-4C8B-B785-1423DFC2BA3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "CB7202BC-AD0B-41B1-B7C1-7665498C967B", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "38E60288-F9E6-4E7C-9B48-352277A34C85", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "19EA5978-64EC-4B54-BC06-20324DB0E6CC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable."}], "id": "CVE-2004-1658", "lastModified": "2026-04-16T00:27:16.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-09-02T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=109420310631039&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/12468/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.security.org.sg/vuln/kerio4016.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/11096"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=109420310631039&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/12468/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.security.org.sg/vuln/kerio4016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/11096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}