Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

BID:9964

Info

Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

Bugtraq ID: 9964
Class: Failure to Handle Exceptional Conditions
CVE:
Remote: Yes
Local: No
Published: Mar 24 2004 12:00AM
Updated: Mar 24 2004 12:00AM
Credit: This issue was disclosed in the product's release history.
Vulnerable: Kerio WinRoute Firewall 5.1.9
Kerio WinRoute Firewall 5.1.8
Kerio WinRoute Firewall 5.1.7
Kerio WinRoute Firewall 5.1.6
Kerio WinRoute Firewall 5.1.5
Kerio WinRoute Firewall 5.1.4
Kerio WinRoute Firewall 5.1.3
Kerio WinRoute Firewall 5.1.2
Kerio WinRoute Firewall 5.1.1
Kerio WinRoute Firewall 5.1
Kerio WinRoute Firewall 5.0.9
Kerio WinRoute Firewall 5.0.8
Kerio WinRoute Firewall 5.0.7
Kerio WinRoute Firewall 5.0.6
Kerio WinRoute Firewall 5.0.5
Kerio WinRoute Firewall 5.0.4
Kerio WinRoute Firewall 5.0.3
Kerio WinRoute Firewall 5.0.2
- Microsoft Windows 2000 Advanced Server SP3
 - Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional SP3
 - Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP3
 - Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP3
 - Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services
- Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6
 - Microsoft Windows NT Enterprise Server 4.0 SP5
 - Microsoft Windows NT Enterprise Server 4.0 SP4
 - Microsoft Windows NT Enterprise Server 4.0 SP3
 - Microsoft Windows NT Enterprise Server 4.0 SP2
 - Microsoft Windows NT Enterprise Server 4.0 SP1
 - Microsoft Windows NT Enterprise Server 4.0
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6
 - Microsoft Windows NT Server 4.0 SP5
 - Microsoft Windows NT Server 4.0 SP4
 - Microsoft Windows NT Server 4.0 SP3
 - Microsoft Windows NT Server 4.0 SP2
 - Microsoft Windows NT Server 4.0 SP1
 - Microsoft Windows NT Server 4.0
 - Microsoft Windows NT Terminal Server 4.0 SP6
 - Microsoft Windows NT Terminal Server 4.0 SP5
 - Microsoft Windows NT Terminal Server 4.0 SP4
 - Microsoft Windows NT Terminal Server 4.0 SP3
 - Microsoft Windows NT Terminal Server 4.0 SP2
 - Microsoft Windows NT Terminal Server 4.0 SP1
 - Microsoft Windows NT Terminal Server 4.0
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6
 - Microsoft Windows NT Workstation 4.0 SP5
 - Microsoft Windows NT Workstation 4.0 SP4
 - Microsoft Windows NT Workstation 4.0 SP3
 - Microsoft Windows NT Workstation 4.0 SP2
 - Microsoft Windows NT Workstation 4.0 SP1
 - Microsoft Windows NT Workstation 4.0
 - Microsoft Windows XP Home SP1
 - Microsoft Windows XP Home
- Microsoft Windows XP Professional SP1
 - Microsoft Windows XP Professional
Kerio WinRoute Firewall 5.0.1
- Microsoft Windows 2000 Advanced Server SP3
 - Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional SP3
 - Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP3
 - Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP3
 - Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services
- Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6
 - Microsoft Windows NT Enterprise Server 4.0 SP5
 - Microsoft Windows NT Enterprise Server 4.0 SP4
 - Microsoft Windows NT Enterprise Server 4.0 SP3
 - Microsoft Windows NT Enterprise Server 4.0 SP2
 - Microsoft Windows NT Enterprise Server 4.0 SP1
 - Microsoft Windows NT Enterprise Server 4.0
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6
 - Microsoft Windows NT Server 4.0 SP5
 - Microsoft Windows NT Server 4.0 SP4
 - Microsoft Windows NT Server 4.0 SP3
 - Microsoft Windows NT Server 4.0 SP2
 - Microsoft Windows NT Server 4.0 SP1
 - Microsoft Windows NT Server 4.0
 - Microsoft Windows NT Terminal Server 4.0 SP6
 - Microsoft Windows NT Terminal Server 4.0 SP5
 - Microsoft Windows NT Terminal Server 4.0 SP4
 - Microsoft Windows NT Terminal Server 4.0 SP3
 - Microsoft Windows NT Terminal Server 4.0 SP2
 - Microsoft Windows NT Terminal Server 4.0 SP1
 - Microsoft Windows NT Terminal Server 4.0
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6
 - Microsoft Windows NT Workstation 4.0 SP5
 - Microsoft Windows NT Workstation 4.0 SP4
 - Microsoft Windows NT Workstation 4.0 SP3
 - Microsoft Windows NT Workstation 4.0 SP2
 - Microsoft Windows NT Workstation 4.0 SP1
 - Microsoft Windows NT Workstation 4.0
 - Microsoft Windows XP Home SP1
 - Microsoft Windows XP Home
- Microsoft Windows XP Professional SP1
 - Microsoft Windows XP Professional
Not Vulnerable: Kerio WinRoute Firewall 5.1.10

Discussion

Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

It has been reported that WinRoute Firewall may be prone to an unspecified remote denial of service vulnerability that may allow an attacker to cause the firewall process to crash or hang. This issue occurs when the application parses malformed HTTP headers.

WinRoute Firewall versions 5.1.9 and prior are reported prone to this issue.

Due to a lack of details, further information is not available at the moment. This BID will be updated as more information becomes available.

Exploit / POC

Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

Solution:
Kerio has released version 5.1.10 of WinRoute Firewall to address this issue. Users are advised to contact the vendor to obtain an upgrade.

References

Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report