Kerio: >> Winroute Firewall >> 6.1.4_patch_1 Security Vulnerabilities
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVSS Score
2.1
EPSS Score
0.001
Published
2007-12-15
Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses.
CVSS Score
5.0
EPSS Score
0.018
Published
2006-10-20
Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3.
CVSS Score
5.0
EPSS Score
0.029
Published
2006-05-09
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web".
CVSS Score
5.0
EPSS Score
0.008
Published
2006-01-21