CVE-2006-5153

Name of the Vulnerable Software and Affected Versions Sunbelt Kerio Personal Firewall versions 4.3.268 and earlier

Description The issue concerns the fwdrv.sys and khips.sys drivers, which do not validate arguments passed to SSDT functions. This includes functions such as NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile. As a result, local users can cause a denial of service, potentially leading to a system crash, and possibly other impacts.

Recommendations For Sunbelt Kerio Personal Firewall versions 4.3.268 and earlier, consider updating to a version that addresses this issue, as the current version allows for potential denial of service and other impacts due to the lack of argument validation in the fwdrv.sys and khips.sys drivers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.