Default Rule Bypass Vulnerability in Kerio Personal Firewall (KPF) 2.1.4

CVE-2003-1491 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.

Learn more about our Web Application Penetration Testing UK.