Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Kerio updates/advisories

Started by AplusWebMaster , Nov 30 2010 11:10 AM

  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 30 November 2010 - 11:10 AM

FYI...

Kerio Control v7.1.0 released
- http://secunia.com/advisories/42388/
Release Date: 2010-11-30
Criticality level: Moderately critical
Impact: Unknown
Where: From remote
Solution Status: Vendor Patch
Software: Kerio Control 7.x
... vulnerability is reported in versions prior to 7.1.0.
Solution: Update to version 7.1.0.
Original Advisory:
http://www.kerio.com/control/history
(formerly Kerio WinRoute Firewall)
Version 7.1.0 - November 30, 2010

:ph34r:

Edited by AplusWebMaster, 30 November 2010 - 11:24 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 21 December 2010 - 08:47 AM

FYI...

Kerio Firewall vuln - patch available
- http://www.securityt....com/id?1024913
Dec 20 2010
Solution: The vendor has issued a fix (7.1.0 Patch 1).
The vendor's advisory is available* ...
* http://www.kerio.com...advisories#1012
Date: December 20, 2010
Severity: High
Name: HTTP cache poisoning vulnerability
Affected products: Kerio WinRoute Firewall all versions, Kerio Control up to version 7.1.0
Fix availability: The following product versions are not vulnerable: Kerio Control version 7.1.0 Patch 1 and higher.
Description: By sending a specially crafted HTTP data over a non-HTTP TCP connection a malicious web site could trick the HTTP cache to store arbitrary data. That data would then be served to clients instead of the legitimate content.
Mitigation factors: HTTP cache is disabled by default. It must be enabled in order for this attack to succeed.
Workaround: Disable HTTP cache...
> http://www.kerio.com/node/588
Release history

:ph34r:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics

Back to Archive Old Updates · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Updates To Software
  4. Archive Old Updates
  5. Privacy Policy
  6. Terms of Use ·