VYPR
Unrated severityNVD Advisory· Published Oct 5, 2006· Updated Jun 16, 2026

CVE-2006-5153

CVE-2006-5153

Description

The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.

Affected products

19
  • cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.3.246:*:*:*:*:*:*:*
    • cpe:2.3:a:kerio:personal_firewall:4.3.268:*:*:*:*:*:*:*
    • (no CPE)range: <=4.3.268

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.