Kerio PF Administration exploit v1.28 Vulnerability exploited: CAN-2003-0220 - BID-7180 Category: Exploits/Remote Installs an agent exploiting a buffer overflow vulnerability in Kerio Personal Firewall remote administration service. Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. Supported Systems: Windows 2000 Professional - sp0 (i386) Windows 2000 Professional - sp1 (i386) Windows 2000 Professional - sp2 (i386) Windows 2000 Professional - sp3 (i386) Windows 2000 Server - sp0 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp3 (i386) Windows XP Professional - sp0 (i386) Windows XP Professional - sp1 (i386) Windows XP Home Edition - sp0 (i386) Windows XP Home Edition - sp1 (i386) KerioPersonalFirewall 2.1.4 (04/15/2002) Windows 2000 Service Pack 0,1,2,3 (All editions) KerioPersonalFirewall 2.1.4 (04/15/2002) Windows XP Service Pack 0,1 (All editions) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.