Lucene search

[email protected]CVE-2005-1062

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1062

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

kerio winroute firewall

personal firewall

mailserver

brute force

remote attack

password security

cve-2005-1062

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods.

Affected configurations

NVD

Node

keriokerio_mailserverMatch6.0.0

keriokerio_mailserverMatch6.0.1

keriokerio_mailserverMatch6.0.2

keriokerio_mailserverMatch6.0.3

keriokerio_mailserverMatch6.0.4

keriokerio_mailserverMatch6.0.5

keriokerio_mailserverMatch6.0.6

keriokerio_mailserverMatch6.0.7

keriokerio_mailserverMatch6.0.8

keriopersonal_firewallMatch4.0.7

keriopersonal_firewallMatch4.0.8

keriopersonal_firewallMatch4.0.9

keriopersonal_firewallMatch4.0.10

keriopersonal_firewallMatch4.0.11

keriopersonal_firewallMatch4.0.12

keriopersonal_firewallMatch4.0.13

keriopersonal_firewallMatch4.0.14

keriopersonal_firewallMatch4.0.15

keriopersonal_firewallMatch4.0.16

keriopersonal_firewallMatch4.1.0

keriopersonal_firewallMatch4.1.1

keriopersonal_firewallMatch4.1.2

keriowinroute_firewallMatch6.0.0

keriowinroute_firewallMatch6.0.1

keriowinroute_firewallMatch6.0.2

keriowinroute_firewallMatch6.0.3

keriowinroute_firewallMatch6.0.4

keriowinroute_firewallMatch6.0.5

keriowinroute_firewallMatch6.0.6

keriowinroute_firewallMatch6.0.7

keriowinroute_firewallMatch6.0.8

keriowinroute_firewallMatch6.0.9

keriowinroute_firewallMatch6.0.10

CPENameOperatorVersion
kerio:kerio_mailserverkerio kerio mailservereq6.0.0
kerio:kerio_mailserverkerio kerio mailservereq6.0.1
kerio:kerio_mailserverkerio kerio mailservereq6.0.2
kerio:kerio_mailserverkerio kerio mailservereq6.0.3
kerio:kerio_mailserverkerio kerio mailservereq6.0.4
kerio:kerio_mailserverkerio kerio mailservereq6.0.5
kerio:kerio_mailserverkerio kerio mailservereq6.0.6
kerio:kerio_mailserverkerio kerio mailservereq6.0.7
kerio:kerio_mailserverkerio kerio mailservereq6.0.8
kerio:personal_firewallkerio personal firewalleq4.0.7

CPE	Name	Operator	Version
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.0
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.1
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.2
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.3
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.4
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.5
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.6
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.7
kerio:kerio_mailserver	kerio kerio mailserver	eq	6.0.8
kerio:personal_firewall	kerio personal firewall	eq	4.0.7

Rows per page:

1-10 of 331

References

research.tic.udc.es/scg/advisories/20050429-1.txt

www.kerio.com/security_advisory.html

www.securityfocus.com/archive/1/397221

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

Related for CVE-2005-1062

securityvulns1 nvd1 cvelist1 openvas1