Firewall UDP Packet Source Port 53 Ruleset Bypass

High Nessus Plugin ID 11580


Firewall rulesets can be bypassed.


It is possible to bypass the rules of the remote firewall by sending UDP packets with a source port equal to 53.

An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall.


Either contact the vendor for an update or review the firewall rules settings.

See Also

Plugin Details

Severity: High

ID: 11580

File Name: kerio_PF_udpbypass.nasl

Version: $Revision: 1.30 $

Type: remote

Family: Firewalls

Published: 2003/05/06

Modified: 2016/11/23

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:kerio:personal_firewall

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2004/09/22

Vulnerability Publication Date: 2003/04/23

Reference Information

CVE: CVE-2003-1491, CVE-2004-1473

BID: 7436, 11237

OSVDB: 10205, 60212

CWE: 16, 94