TITLE:
Kerio WinRoute Firewall Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA18542

VERIFY ADVISORY:
http://secunia.com/advisories/18542/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Kerio WinRoute Firewall 6.x
http://secunia.com/product/3613/

DESCRIPTION:
Two vulnerabilities have been reported in Kerio WinRoute Firewall,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

1) An error in the handling of certain data when performing HTML
content filtering may be exploited to cause a DoS.

2) An error in the handling of overly long strings fetched from the
Active Directory may be exploited to cause a DoS.

Some other errors, which may be security related, have also been
fixed.

SOLUTION:
Update to version 6.1.4 Patch 1.
http://www.kerio.com/kwf_download.html

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
http://www.kerio.com/kwf_history.html