CVE-2004-1023

First published: Wed Dec 15 2004(Updated: )

Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folder, and modify XML files related to configuration.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/references
• agent/severity
• agent/weakness
• agent/author
• agent/type
• agent/description
• agent/event
• agent/first-publish-date
• agent/softwarecombine
• agent/last-modified-date
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/kerio
• canonical/kerio winroute firewall
• version/kerio winroute firewall/6.0.1
• version/kerio winroute firewall/6.0.4
• version/kerio winroute firewall/6.0.3
• version/kerio winroute firewall/6.0.6
• version/kerio winroute firewall/6.0.0
• version/kerio winroute firewall/6.0.5
• version/kerio winroute firewall/6.0.2
• canonical/kerio kerio mailserver
• version/kerio kerio mailserver/6.0.4
• version/kerio kerio mailserver/6.0.2
• version/kerio winroute firewall/6.0.8
• canonical/kerio serverfirewall
• version/kerio serverfirewall/1.0.0
• version/kerio winroute firewall/6.0.7
• version/kerio kerio mailserver/6.0.1
• version/kerio kerio mailserver/6.0.3
• version/kerio kerio mailserver/6.0.0