Unrated severityNVD Advisory· Published Oct 5, 2006· Updated Jun 16, 2026
CVE-2006-5153
CVE-2006-5153
Description
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.
Affected products
19cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.3.246:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:personal_firewall:4.3.268:*:*:*:*:*:*:*
- (no CPE)range: <=4.3.268
Patches
Vulnerability mechanics
References
8- www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phpnvdExploitVendor Advisory
- www.securityfocus.com/bid/20299nvdExploit
- secunia.com/advisories/22234nvdVendor Advisory
- securityreason.com/securityalert/1685nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/447504/100/0/threadednvd
- www.vupen.com/english/advisories/2006/3872nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29313nvd
News mentions
0No linked articles in our index yet.