CVE-2004-1658

Name of the Vulnerable Software and Affected Versions Kerio Personal Firewall version 4.0

Description The issue allows local users with administrative privileges to bypass the Application Security feature. This is achieved by directly writing to the physical memory, specifically to restore the running kernel's SDT ServiceTable, thereby enabling the execution of arbitrary processes.

Recommendations For Kerio Personal Firewall version 4.0, consider restricting administrative privileges to minimize the risk of exploitation. As a temporary workaround, monitor system activity closely for any unauthorized process execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.