CVE-2003-0220
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2003-0220
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Kerio Personal Firewall验证包远程缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Kerio Personal Firewall (KPF)是一款个人防火墙系统。 Kerio个人防火墙管理验证处理过程存在问题,远程攻击者可以利用这个漏洞伪造恶意包触发缓冲区溢出,可能以管理员权限在系统上执行任意指令。 当管理员连接防火墙时会进行握手连接,用于建立加密会话,握手的第4个包(第一个包是管理员发送)包含4字节数据,其中有一定固定值0x40 (64)指示后续的包含管理员密钥的包的大小。防火墙端在使用recv()处理这个数据的时候没有进行边界缓冲区检查,如果攻击者伪造包含超大数据的包发送给防火墙,
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2003-0220
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2003-0220
Please Login to view more intelligence information
Same Patch Batch · n/a · 2003-04-29 · 6 CVEs total
| CVE-2003-0084 | Apache Mod_Auth_Any远程命令执行漏洞 | |
| CVE-2003-0174 | SGI IRIX名字服务守护程序LDAP用户密码绕过漏洞 | |
| CVE-2003-0218 | Monkey HTTP Daemon 缓冲区错误漏洞 | |
| CVE-2003-0219 | Kerio个人防火墙重放攻击漏洞 | |
| CVE-2003-0221 | HP Tru64安装软件符合链接攻击漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2003-0220
No comments yet