Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
27 vulnerabilities by agnitum
VAR-200412-0822
Vulnerability from variot - Updated: 2023-12-18 13:45Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. When Outpost Firewall is in use, the desktop console runs with SYSTEM privileges. It has been reported that it is possible for attackers with desktop access to elevate to these privileges through access validation errors. There are allegedly two instances where the console invokes, without dropping privileges first, commands or programs not under its control that can be hijacked by malicious users. Novell Client Firewall version 2.0 has been reported to be affected by these issues as well. Novell Client Firewall is based on Agnitum Outpost firewall. The software provides comprehensive security protection when users surf the web
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0822",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "novell",
"version": "2.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "2.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "9441"
},
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:novell:client_firewall:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2554"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "KF dotslash@snosoft.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2554",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-10982",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2554",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-485",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-10982",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10982"
},
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. When Outpost Firewall is in use, the desktop console runs with SYSTEM privileges. It has been reported that it is possible for attackers with desktop access to elevate to these privileges through access validation errors. There are allegedly two instances where the console invokes, without dropping privileges first, commands or programs not under its control that can be hijacked by malicious users. \nNovell Client Firewall version 2.0 has been reported to be affected by these issues as well. Novell Client Firewall is based on Agnitum Outpost firewall. The software provides comprehensive security protection when users surf the web",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "BID",
"id": "9441"
},
{
"db": "VULHUB",
"id": "VHN-10982"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "9441",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-2554",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "4120",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11014",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1008755",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485",
"trust": 0.7
},
{
"db": "XF",
"id": "15367",
"trust": 0.6
},
{
"db": "CIAC",
"id": "O-090",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6127",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10982",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10982"
},
{
"db": "BID",
"id": "9441"
},
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"id": "VAR-200412-0822",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10982"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:45:27.581000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/9441"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/o-090.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4120"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1008755"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11014"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15367"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15367"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6127"
},
{
"trust": 0.3,
"url": "http://support.novell.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10982"
},
{
"db": "BID",
"id": "9441"
},
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10982"
},
{
"db": "BID",
"id": "9441"
},
{
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10982"
},
{
"date": "2004-01-18T00:00:00",
"db": "BID",
"id": "9441"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"date": "2004-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10982"
},
{
"date": "2004-01-18T00:00:00",
"db": "BID",
"id": "9441"
},
{
"date": "2017-07-11T01:32:00.357000",
"db": "NVD",
"id": "CVE-2004-2554"
},
{
"date": "2005-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "9441"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "BID",
"id": "9441"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-485"
}
],
"trust": 0.6
}
}
VAR-200607-0237
Vulnerability from variot - Updated: 2023-12-18 13:25Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall. Lavasoft Personal Firewall will allow local attackers to gain elevated privileges, which may lead to a complete compromise. Version 1.0.543.5722 (433) is reported vulnerable. Other versions may be affected as well. Reports indicate that this issue may be related to BID 19024.
Hardcore Disassembler / Reverse Engineer Wanted!
Want to work with IDA and BinDiff? Want to write PoC's and Exploits?
Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.
The vulnerability is caused due to the application windows running with SYSTEM privileges and the application not checking if explorer.exe is running. This can be exploited to launch explorer.exe with SYSTEM privileges by terminating it and then using the "open folder" option in e.g. the "Shared Components" window.
SOLUTION: Enable password protection.
PROVIDED AND/OR DISCOVERED BY: Ben Goulding
ORIGINAL ADVISORY: http://www.ben.goulding.com.au/secad.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client firewall",
"scope": "eq",
"trust": 2.7,
"vendor": "novell",
"version": "2.0"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "lavasoft",
"version": "1.0.543.5722.433"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "agnitum",
"version": "3.51.759.6511"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 3.51.759.6511 (462)"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "lavasoft",
"version": "1.0.543.5722 (433)"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.7"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "3.51.759.6511(462)"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "lavasoft",
"version": "1.0.543.5722(433)"
}
],
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:lavasoft:lavasoft_personal_firewall:1.0.543.5722.433:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:novell:client_firewall:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:3.51.759.6511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mullware@gmail.com discovered this issue.",
"sources": [
{
"db": "BID",
"id": "19018"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
],
"trust": 0.9
},
"cve": "CVE-2006-3697",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2006-3697",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-19805",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3697",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-289",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-19805",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall. Lavasoft Personal Firewall will allow local attackers to gain elevated privileges, which may lead to a complete compromise. \nVersion 1.0.543.5722 (433) is reported vulnerable. Other versions may be affected as well. \nReports indicate that this issue may be related to BID 19024. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nThe vulnerability is caused due to the application windows running\nwith SYSTEM privileges and the application not checking if\nexplorer.exe is running. This can be exploited to launch explorer.exe\nwith SYSTEM privileges by terminating it and then using the \"open\nfolder\" option in e.g. the \"Shared Components\" window. \n\nSOLUTION:\nEnable password protection. \n\nPROVIDED AND/OR DISCOVERED BY:\nBen Goulding\n\nORIGINAL ADVISORY:\nhttp://www.ben.goulding.com.au/secad.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3697",
"trust": 3.1
},
{
"db": "BID",
"id": "19024",
"trust": 2.0
},
{
"db": "BID",
"id": "19018",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "21089",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "21088",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-0144",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2852",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2851",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "27349",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060716 ESCALATION OF PRIVILEGES IN OUTPOST AND LAVASOFT FIREWALLS -UNUSUAL SHELLEXECUTE BEHAVIOR",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-19805",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48308",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48302",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"id": "VAR-200607-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:25:51.903000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.lavasoft.com/products/lavasoft_personal_firewall.php"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.novell.com/support/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"trust": 2.0,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/903/3762108_f.sal_public.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19018"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19024"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/27349"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21088"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21089"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3697"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3697"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/440426/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0144"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2852"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2851"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"trust": 0.3,
"url": "http://seclists.org/lists/fulldisclosure/2006/jul/0481.html"
},
{
"trust": 0.3,
"url": "http://www.lavasoftusa.com/software/firewall/"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7908/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21089/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21088/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11075/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-19805"
},
{
"date": "2006-07-17T00:00:00",
"db": "BID",
"id": "19024"
},
{
"date": "2006-07-17T00:00:00",
"db": "BID",
"id": "19018"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"date": "2006-07-18T20:56:43",
"db": "PACKETSTORM",
"id": "48308"
},
{
"date": "2006-07-18T20:56:43",
"db": "PACKETSTORM",
"id": "48302"
},
{
"date": "2006-07-21T14:03:00",
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"date": "2006-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-19805"
},
{
"date": "2007-01-11T17:50:00",
"db": "BID",
"id": "19024"
},
{
"date": "2007-01-11T18:10:00",
"db": "BID",
"id": "19018"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"date": "2018-10-18T16:48:58.037000",
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"date": "2007-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
],
"trust": 1.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lavasoft Personal Firewall Used in products such as Agnitum Outpost Firewall Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
}
],
"trust": 0.6
}
}
VAR-200706-0158
Vulnerability from variot - Updated: 2023-12-18 13:20Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex. Outpost Firewall is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to block arbitrary processes, denying service to legitimate users. This issue affects Outpost Firewall 4.0 build 1007.591.145 and build 964.582.059; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "agnitum",
"version": "4.0_964.582.059"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "agnitum",
"version": "4.0_1007.591.145"
},
{
"model": "outpost firewall",
"scope": "lte",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 4.0 1007.591.145"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(964.582.059)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(1007.591.145)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "24284"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0_1007.591.145:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0_964.582.059:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3086"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matousec is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "24284"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
],
"trust": 0.9
},
"cve": "CVE-2007-3086",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-3086",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-26448",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-3086",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-093",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-26448",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-3086",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex. Outpost Firewall is prone to a local denial-of-service vulnerability. \nAn attacker can exploit this issue to block arbitrary processes, denying service to legitimate users. \nThis issue affects Outpost Firewall 4.0 build 1007.591.145 and build 964.582.059; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "BID",
"id": "24284"
},
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26448",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=30139",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3086",
"trust": 2.9
},
{
"db": "BID",
"id": "24284",
"trust": 2.1
},
{
"db": "SREASON",
"id": "2775",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "42038",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154",
"trust": 0.8
},
{
"db": "XF",
"id": "34686",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070601 OUTPOST ENFORCING SYSTEM REBOOT WITH \u0027OUTPOST_IPC_HDR\u0027 MUTEX VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "30139",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-83596",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26448",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-3086",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"db": "BID",
"id": "24284"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"id": "VAR-200706-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26448"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:20:47.944000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3086"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/24284"
},
{
"trust": 1.8,
"url": "http://www.matousec.com/info/advisories/outpost-enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"trust": 1.8,
"url": "http://osvdb.org/42038"
},
{
"trust": 1.8,
"url": "http://securityreason.com/securityalert/2775"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3086"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3086"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34686"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/470278/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/"
},
{
"trust": 0.3,
"url": "/archive/1/470278"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=13470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/30139/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"db": "BID",
"id": "24284"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-26448"
},
{
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"db": "BID",
"id": "24284"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-26448"
},
{
"date": "2007-06-06T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"date": "2007-06-04T00:00:00",
"db": "BID",
"id": "24284"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"date": "2007-06-06T10:30:00",
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"date": "2007-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26448"
},
{
"date": "2018-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3086"
},
{
"date": "2015-05-07T17:37:00",
"db": "BID",
"id": "24284"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002154"
},
{
"date": "2018-10-16T16:47:18.153000",
"db": "NVD",
"id": "CVE-2007-3086"
},
{
"date": "2007-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "24284"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall Outpost_IPC_HDR Local Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "24284"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "24284"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-093"
}
],
"trust": 0.9
}
}
VAR-200703-0244
Vulnerability from variot - Updated: 2023-12-18 13:10The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. (1) NtAssignProcessToJobObject function (2) NtCreateKey function (3) NtCreateThread function (4) NtDeleteFile function (5) NtLoadDriver function (6) NtOpenProcess function (7) NtProtectVirtualmemory function (8) NtReplaceKey function (9) NtTerminateProcess function (10) NtTerminateThread function (11) NtUnloadDriver function (12) NtWriteVirtualmemory function. Outpost Firewall PRO is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle unexpected input. Exploiting these issues allows local attackers to crash affected computers, denying service to legitimate users. Remote code-execution may be possible, but this has not been confirmed. Outpost Firewall PRO 4.0 (964.582.059) and 4.0 (971.584.079) are vulnerable to these issues; other versions may also be affected. Outpost Firewall is prone to a denial-of-service vulnerability.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
The vulnerability is caused due to an error within Sandbox.sys when handling the parameters of certain hooked functions. This can be exploited to cause a DoS by calling NtAssignProcessToJobObject, NtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver, NtOpenProcess, NtProtectVirtualMemory, NtReplaceKey, NtTerminateProcess, NtTerminateThread, NtUnloadDriver, and NtWriteVirtualMemory with specially crafted parameters. Other versions may also be affected.
SOLUTION: Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: Matousec Transparent Security
ORIGINAL ADVISORY: Matousec Transparent Security: http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall",
"scope": "lte",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 4.0"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.6,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(971.584.079)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(964.582.059)"
},
{
"model": "outpost firewall pro",
"scope": "ne",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(1005.590.123)"
}
],
"sources": [
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-7160"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matousec Transparent Security discovered these issues.",
"sources": [
{
"db": "BID",
"id": "21097"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
],
"trust": 0.9
},
"cve": "CVE-2006-7160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-7160",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-23268",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-7160",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-259",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-23268",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. (1) NtAssignProcessToJobObject function (2) NtCreateKey function (3) NtCreateThread function (4) NtDeleteFile function (5) NtLoadDriver function (6) NtOpenProcess function (7) NtProtectVirtualmemory function (8) NtReplaceKey function (9) NtTerminateProcess function (10) NtTerminateThread function (11) NtUnloadDriver function (12) NtWriteVirtualmemory function. Outpost Firewall PRO is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle unexpected input. \nExploiting these issues allows local attackers to crash affected computers, denying service to legitimate users. Remote code-execution may be possible, but this has not been confirmed. \nOutpost Firewall PRO 4.0 (964.582.059) and 4.0 (971.584.079) are vulnerable to these issues; other versions may also be affected. Outpost Firewall is prone to a denial-of-service vulnerability. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThe vulnerability is caused due to an error within Sandbox.sys when\nhandling the parameters of certain hooked functions. This can be\nexploited to cause a DoS by calling NtAssignProcessToJobObject,\nNtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver,\nNtOpenProcess, NtProtectVirtualMemory, NtReplaceKey,\nNtTerminateProcess, NtTerminateThread, NtUnloadDriver, and\nNtWriteVirtualMemory with specially crafted parameters. Other\nversions may also be affected. \n\nSOLUTION:\nRestrict access to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nMatousec Transparent Security\n\nORIGINAL ADVISORY:\nMatousec Transparent Security:\nhttp://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "PACKETSTORM",
"id": "52141"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-7160",
"trust": 2.8
},
{
"db": "BID",
"id": "21097",
"trust": 2.3
},
{
"db": "SREASON",
"id": "2376",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "22913",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-4537",
"trust": 1.7
},
{
"db": "XF",
"id": "30312",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20061115 OUTPOST MULTIPLE INSUFFICIENT ARGUMENT VALIDATION OF HOOKED SSDT FUNCTION VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "82061",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-23268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52141",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "PACKETSTORM",
"id": "52141"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"id": "VAR-200703-0244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23268"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:10:29.051000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.matousec.com/info/advisories/outpost-multiple-insufficient-argument-validation-of-hooked-ssdt-functions.php"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/21097"
},
{
"trust": 2.0,
"url": "http://securityreason.com/securityalert/2376"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/22913"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/30312"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/451672/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7160"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-7160"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4537"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"trust": 0.3,
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"trust": 0.3,
"url": "/archive/1/451672"
},
{
"trust": 0.3,
"url": "/archive/1/479830"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22913/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12472/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "PACKETSTORM",
"id": "52141"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23268"
},
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"db": "PACKETSTORM",
"id": "52141"
},
{
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-23268"
},
{
"date": "2006-11-15T00:00:00",
"db": "BID",
"id": "21097"
},
{
"date": "2007-03-07T00:00:00",
"db": "BID",
"id": "82061"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"date": "2006-11-16T15:09:27",
"db": "PACKETSTORM",
"id": "52141"
},
{
"date": "2007-03-07T20:19:00",
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"date": "2007-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23268"
},
{
"date": "2007-09-18T22:30:00",
"db": "BID",
"id": "21097"
},
{
"date": "2007-03-07T00:00:00",
"db": "BID",
"id": "82061"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001297"
},
{
"date": "2018-10-16T16:29:38.287000",
"db": "NVD",
"id": "CVE-2006-7160"
},
{
"date": "2007-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "21097"
},
{
"db": "BID",
"id": "82061"
},
{
"db": "PACKETSTORM",
"id": "52141"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Outpost Firewall PRO of sandbox.sys Service disruption in drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001297"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-259"
}
],
"trust": 0.6
}
}
VAR-200412-0318
Vulnerability from variot - Updated: 2023-12-18 12:33Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. The issue is reported to present itself when an attacker sends multiple incomplete requests to the application. Agnitum Outpost Pro Firewall version 2.1 is reported to be affected by this issue, however, prior versions may be vulnerable as well.
The problem is that the firewall fails to handle incomplete requests fast enough, if they are made at a high speed with random source IPs. This causes the firewall to stop processing packets in real time.
SOLUTION: Use another product if this causes problems.
PROVIDED AND/OR DISCOVERED BY: Armin Pelkmann
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0318",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "agnitum",
"version": "2.1"
}
],
"sources": [
{
"db": "BID",
"id": "10338"
},
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:2.1:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2472"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Armin Pelkmann.",
"sources": [
{
"db": "BID",
"id": "10338"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
],
"trust": 0.9
},
"cve": "CVE-2004-2472",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10900",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2472",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10900",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10900"
},
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. The issue is reported to present itself when an attacker sends multiple incomplete requests to the application. \nAgnitum Outpost Pro Firewall version 2.1 is reported to be affected by this issue, however, prior versions may be vulnerable as well. \n\nThe problem is that the firewall fails to handle incomplete requests\nfast enough, if they are made at a high speed with random source IPs. \nThis causes the firewall to stop processing packets in real time. \n\nSOLUTION:\nUse another product if this causes problems. \n\nPROVIDED AND/OR DISCOVERED BY:\nArmin Pelkmann\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "BID",
"id": "10338"
},
{
"db": "VULHUB",
"id": "VHN-10900"
},
{
"db": "PACKETSTORM",
"id": "33332"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "10338",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "11601",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "6110",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1010151",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-2472",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975",
"trust": 0.7
},
{
"db": "XF",
"id": "16133",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10900",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33332",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10900"
},
{
"db": "BID",
"id": "10338"
},
{
"db": "PACKETSTORM",
"id": "33332"
},
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"id": "VAR-200412-0318",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10900"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:33:01.375000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2472"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10338"
},
{
"trust": 1.7,
"url": "http://www.securiteam.com/windowsntfocus/5fp0e0kcuw.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/6110"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/alerts/2004/may/1010151.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11601"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16133"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/11601/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10900"
},
{
"db": "BID",
"id": "10338"
},
{
"db": "PACKETSTORM",
"id": "33332"
},
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10900"
},
{
"db": "BID",
"id": "10338"
},
{
"db": "PACKETSTORM",
"id": "33332"
},
{
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10900"
},
{
"date": "2004-05-13T00:00:00",
"db": "BID",
"id": "10338"
},
{
"date": "2004-05-13T23:21:44",
"db": "PACKETSTORM",
"id": "33332"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10900"
},
{
"date": "2004-05-13T00:00:00",
"db": "BID",
"id": "10338"
},
{
"date": "2017-07-11T01:31:55.670000",
"db": "NVD",
"id": "CVE-2004-2472"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall Remote service denial vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-975"
}
],
"trust": 0.6
}
}
VAR-200607-0236
Vulnerability from variot - Updated: 2023-12-18 12:32filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe. Outpost Firewall is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to crash the application, effectively denying service. Outpost Firewall Pro version 3.5.631 is affected by this issue; other versions may also be vulnerable.
Hardcore Disassembler / Reverse Engineer Wanted!
Want to work with IDA and BinDiff? Want to write PoC's and Exploits?
Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.
The vulnerability is caused due to an unspecified error in the Virtual Firewall driver (filtnt.sys) and can be exploited to crash the system by e.g. passing an overly long string as command line argument to mshta.exe.
The vulnerability has been reported in version 3.5.631. Other versions may also be affected.
SOLUTION: Update to version 3.51.759.6511 (462) or later.
PROVIDED AND/OR DISCOVERED BY: Bipin Gautam
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "agnitum",
"version": "3.5.631"
},
{
"model": "outpost firewall",
"scope": "lt",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 3.51.759.6511 (462)"
},
{
"model": "outpost firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "agnitum",
"version": "3.51.759.6511(462)"
}
],
"sources": [
{
"db": "BID",
"id": "19026"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:3.5.631:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3696"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bipin Gautam is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "19026"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
],
"trust": 0.9
},
"cve": "CVE-2006-3696",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-3696",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-19804",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3696",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-318",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-19804",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19804"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe. Outpost Firewall is prone to a local denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the application, effectively denying service. \nOutpost Firewall Pro version 3.5.631 is affected by this issue; other versions may also be vulnerable. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nThe vulnerability is caused due to an unspecified error in the\nVirtual Firewall driver (filtnt.sys) and can be exploited to crash\nthe system by e.g. passing an overly long string as command line\nargument to mshta.exe. \n\nThe vulnerability has been reported in version 3.5.631. Other\nversions may also be affected. \n\nSOLUTION:\nUpdate to version 3.51.759.6511 (462) or later. \n\nPROVIDED AND/OR DISCOVERED BY:\nBipin Gautam\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "BID",
"id": "19026"
},
{
"db": "VULHUB",
"id": "VHN-19804"
},
{
"db": "PACKETSTORM",
"id": "48306"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-19804",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19804"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3696",
"trust": 2.5
},
{
"db": "BID",
"id": "19026",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "21095",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-2853",
"trust": 1.7
},
{
"db": "SREASON",
"id": "1247",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060717 OUTPOST FIREWALL PRO SECRATELY FIXING SECURITY FLAWS?",
"trust": 0.6
},
{
"db": "XF",
"id": "27840",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "28232",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-81809",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-19804",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48306",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19804"
},
{
"db": "BID",
"id": "19026"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "PACKETSTORM",
"id": "48306"
},
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"id": "VAR-200607-0236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19804"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:32:40.693000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3696"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19026"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21095"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/1247"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3696"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3696"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2853"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/27840"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/"
},
{
"trust": 0.3,
"url": "/archive/1/440427"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7908/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21095/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19804"
},
{
"db": "BID",
"id": "19026"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "PACKETSTORM",
"id": "48306"
},
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19804"
},
{
"db": "BID",
"id": "19026"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"db": "PACKETSTORM",
"id": "48306"
},
{
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-19804"
},
{
"date": "2006-07-17T00:00:00",
"db": "BID",
"id": "19026"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"date": "2006-07-18T20:56:43",
"db": "PACKETSTORM",
"id": "48306"
},
{
"date": "2006-07-21T14:03:00",
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"date": "2006-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-19804"
},
{
"date": "2006-07-18T21:28:00",
"db": "BID",
"id": "19026"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002818"
},
{
"date": "2017-07-20T01:32:30.007000",
"db": "NVD",
"id": "CVE-2006-3696"
},
{
"date": "2006-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "19026"
},
{
"db": "PACKETSTORM",
"id": "48306"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Outpost Firewall of filtnt.sys Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "19026"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-318"
}
],
"trust": 0.9
}
}
VAR-200701-0041
Vulnerability from variot - Updated: 2023-12-18 12:32Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys. Outpost Firewall PRO is prone to a local privilege-escalation vulnerability because it fails to perform adequate SSDT (System Service Descriptor Table) hooking on files in its installation directory. A local attacker can exploit this issue to elevate their privileges, which can lead to the complete compromise of an affected computer. Outpost Firewall PRO 4.0 is vulnerable; other versions may also be affected. Outpost Firewal Pro is a small and exquisite network firewall software, including advertisement and image filtering, content filtering, DNS cache and other functions. Outpost uses various SSDT hooks to protect files and directories in its installation directory, but when implementing this protection, it cannot prevent malicious applications from calling the original API ZwSetInformationFile class FileLinkInformation, which allows attackers to replace the ones that the system does not use when calling this function document. A vulnerable file in the Outpost installation directory is SandBox.sys. An attacker can replace this driver with a fake copy, and the system will load the driver on the next reboot. Since the driver runs in privileged kernel mode, this can result in complete system control
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 4.0"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(971.584.079)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(964.582.059)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(1005.590.123)"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "22069"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0333"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matousec http://www.matousec.com/",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0333",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-0333",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-23695",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0333",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-255",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23695",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23695"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys. Outpost Firewall PRO is prone to a local privilege-escalation vulnerability because it fails to perform adequate SSDT (System Service Descriptor Table) hooking on files in its installation directory. \nA local attacker can exploit this issue to elevate their privileges, which can lead to the complete compromise of an affected computer. \nOutpost Firewall PRO 4.0 is vulnerable; other versions may also be affected. Outpost Firewal Pro is a small and exquisite network firewall software, including advertisement and image filtering, content filtering, DNS cache and other functions. Outpost uses various SSDT hooks to protect files and directories in its installation directory, but when implementing this protection, it cannot prevent malicious applications from calling the original API ZwSetInformationFile class FileLinkInformation, which allows attackers to replace the ones that the system does not use when calling this function document. A vulnerable file in the Outpost installation directory is SandBox.sys. An attacker can replace this driver with a fake copy, and the system will load the driver on the next reboot. Since the driver runs in privileged kernel mode, this can result in complete system control",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "BID",
"id": "22069"
},
{
"db": "VULHUB",
"id": "VHN-23695"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23695",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23695"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0333",
"trust": 2.5
},
{
"db": "BID",
"id": "22069",
"trust": 2.0
},
{
"db": "SREASON",
"id": "2163",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "33480",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070115 OUTPOST BYPASSING SELF-PROTECTION USING FILE LINKS VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "31529",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-82968",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "29465",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23695",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23695"
},
{
"db": "BID",
"id": "22069"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"id": "VAR-200701-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23695"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:32:30.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0333"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.matousec.com/info/advisories/outpost-bypassing-self-protection-using-file-links.php"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/22069"
},
{
"trust": 1.7,
"url": "http://osvdb.org/33480"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2163"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0333"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0333"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/456973/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/31529"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23695"
},
{
"db": "BID",
"id": "22069"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23695"
},
{
"db": "BID",
"id": "22069"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-23695"
},
{
"date": "2007-01-15T00:00:00",
"db": "BID",
"id": "22069"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"date": "2007-01-18T02:28:00",
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"date": "2007-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23695"
},
{
"date": "2007-01-16T20:20:00",
"db": "BID",
"id": "22069"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001401"
},
{
"date": "2018-10-16T16:32:16.697000",
"db": "NVD",
"id": "CVE-2007-0333"
},
{
"date": "2007-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "22069"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall PRO Vulnerable to Trojan horse driver insertion into the product installation directory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "22069"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-255"
}
],
"trust": 0.9
}
}
VAR-200611-0067
Vulnerability from variot - Updated: 2023-12-18 12:23The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation. Outpost Firewall PRO is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected input. Exploiting this issue allows local attackers to crash affected computers, denying service to legitimate users. Outpost Firewall PRO 4.0 (964.582.059) is vulnerable to this issue; other versions may also be affected.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Outpost Firewall "Sandbox" Driver Denial Of Service Vulnerability
SECUNIA ADVISORY ID: SA22673
VERIFY ADVISORY: http://secunia.com/advisories/22673/
CRITICAL: Not critical
IMPACT: DoS
WHERE: Local system
SOFTWARE: Outpost Firewall Pro 4.x http://secunia.com/product/12472/
DESCRIPTION: Matousec has discovered a vulnerability in Outpost Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the handling of data sent to the "Device\Sandbox" device. This can be exploited to crash a vulnerable system by sending arbitrary data to the said device.
The vulnerability is confirmed in version 4.0.964.6926 (582). Other versions may be affected as well.
SOLUTION: Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: Matousec Transparent Security
ORIGINAL ADVISORY: Matousec Transparent Security: http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200611-0067",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "agnitum",
"version": "4.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 4.0"
},
{
"model": "outpost firewall pro",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "4.0(964.582.059)"
}
],
"sources": [
{
"db": "BID",
"id": "20860"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5721"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matousec Transparent Security discovered this issue.",
"sources": [
{
"db": "BID",
"id": "20860"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
],
"trust": 0.9
},
"cve": "CVE-2006-5721",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-5721",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-21829",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-5721",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-21829",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21829"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation. Outpost Firewall PRO is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected input. \nExploiting this issue allows local attackers to crash affected computers, denying service to legitimate users. \nOutpost Firewall PRO 4.0 (964.582.059) is vulnerable to this issue; other versions may also be affected. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nOutpost Firewall \"Sandbox\" Driver Denial Of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22673\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22673/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nDoS\n\nWHERE:\nLocal system\n\nSOFTWARE:\nOutpost Firewall Pro 4.x\nhttp://secunia.com/product/12472/\n\nDESCRIPTION:\nMatousec has discovered a vulnerability in Outpost Firewall, which\ncan be exploited by malicious, local users to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the handling of data\nsent to the \"Device\\Sandbox\" device. This can be exploited to crash a\nvulnerable system by sending arbitrary data to the said device. \n\nThe vulnerability is confirmed in version 4.0.964.6926 (582). Other\nversions may be affected as well. \n\nSOLUTION:\nRestrict access to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nMatousec Transparent Security\n\nORIGINAL ADVISORY:\nMatousec Transparent Security:\nhttp://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "BID",
"id": "20860"
},
{
"db": "VULHUB",
"id": "VHN-21829"
},
{
"db": "PACKETSTORM",
"id": "51577"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-21829",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21829"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-5721",
"trust": 2.5
},
{
"db": "BID",
"id": "20860",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "22673",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-4309",
"trust": 1.7
},
{
"db": "SREASON",
"id": "1821",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017150",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054",
"trust": 0.7
},
{
"db": "XF",
"id": "29969",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061101 OUTPOST INSUFFICIENT VALIDATION OF \u0027SANDBOX\u0027 DRIVER INPUT BUFFER",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-82438",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "28894",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-21829",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51577",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21829"
},
{
"db": "BID",
"id": "20860"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "PACKETSTORM",
"id": "51577"
},
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"id": "VAR-200611-0067",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-21829"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:23:49.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5721"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.matousec.com/info/advisories/outpost-insufficient-validation-of-sandbox-driver-input-buffer.php"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/20860"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017150"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/22673"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/1821"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5721"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5721"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/450293/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4309"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/29969"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"trust": 0.3,
"url": "/archive/1/450293"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22673/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12472/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21829"
},
{
"db": "BID",
"id": "20860"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "PACKETSTORM",
"id": "51577"
},
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-21829"
},
{
"db": "BID",
"id": "20860"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"db": "PACKETSTORM",
"id": "51577"
},
{
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-21829"
},
{
"date": "2006-11-01T00:00:00",
"db": "BID",
"id": "20860"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"date": "2006-11-02T15:01:38",
"db": "PACKETSTORM",
"id": "51577"
},
{
"date": "2006-11-04T01:07:00",
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"date": "2006-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-21829"
},
{
"date": "2006-11-02T17:32:00",
"db": "BID",
"id": "20860"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001490"
},
{
"date": "2018-10-17T21:44:17.067000",
"db": "NVD",
"id": "CVE-2006-5721"
},
{
"date": "2006-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "20860"
},
{
"db": "PACKETSTORM",
"id": "51577"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Outpost Firewall PRO Local Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "20860"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-054"
}
],
"trust": 0.6
}
}
VAR-200709-0081
Vulnerability from variot - Updated: 2023-12-18 12:12Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160. This vulnerability CVE-2006-7160 Vulnerability caused by some regressions.By local users SSDT Service operation disruption through the following ( crash ) There is a possibility that it becomes a state and authority is acquired. (1) NtCreateKey kernel (2) NtDeleteFile kernel (3) NtLoadDriver kernel (4) NtOpenProcess kernel (5) NtOpenSection kernel (6) NtOpenThread kernel (7) NtUnloadDriver kernel. Outpost Firewall is prone to a denial-of-service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200709-0081",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "agnitum",
"version": "4.0.1025.7828"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 4.0.1025.7828"
}
],
"sources": [
{
"db": "BID",
"id": "81577"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:4.0.1025.7828:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5042"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "81577"
}
],
"trust": 0.3
},
"cve": "CVE-2007-5042",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-5042",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-28404",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-5042",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200709-339",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28404",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28404"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160. This vulnerability CVE-2006-7160 Vulnerability caused by some regressions.By local users SSDT Service operation disruption through the following ( crash ) There is a possibility that it becomes a state and authority is acquired. (1) NtCreateKey kernel (2) NtDeleteFile kernel (3) NtLoadDriver kernel (4) NtOpenProcess kernel (5) NtOpenSection kernel (6) NtOpenThread kernel (7) NtUnloadDriver kernel. Outpost Firewall is prone to a denial-of-service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "BID",
"id": "81577"
},
{
"db": "VULHUB",
"id": "VHN-28404"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5042",
"trust": 2.8
},
{
"db": "SREASON",
"id": "3161",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "45899",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20070918 PLAGUE IN (SECURITY) SOFTWARE DRIVERS \u0026 BSDOHOOK UTILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339",
"trust": 0.6
},
{
"db": "BID",
"id": "81577",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-28404",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28404"
},
{
"db": "BID",
"id": "81577"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"id": "VAR-200709-0081",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28404"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:12:26.215000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28404"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"trust": 2.0,
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"trust": 2.0,
"url": "http://securityreason.com/securityalert/3161"
},
{
"trust": 1.7,
"url": "http://osvdb.org/45899"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/479830/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5042"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5042"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28404"
},
{
"db": "BID",
"id": "81577"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28404"
},
{
"db": "BID",
"id": "81577"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-28404"
},
{
"date": "2007-09-23T00:00:00",
"db": "BID",
"id": "81577"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"date": "2007-09-24T00:17:00",
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"date": "2007-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28404"
},
{
"date": "2007-09-23T00:00:00",
"db": "BID",
"id": "81577"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002674"
},
{
"date": "2018-10-15T21:40:07.757000",
"db": "NVD",
"id": "CVE-2007-5042"
},
{
"date": "2007-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "81577"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Outpost Firewall Pro Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002674"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-339"
}
],
"trust": 0.6
}
}
CVE-2010-5171 (GCVE-0-2010-5171)
Vulnerability from nvd – Published: 2012-08-25 21:00 – Updated: 2024-09-16 20:36 Disputed
VLAI
Summary
Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://countermeasures.trendmicro.eu/you-just-can… | x_refsource_MISC |
| http://www.securityfocus.com/bid/39924 | vdb-entryx_refsource_BID |
| http://matousec.com/info/articles/khobe-8.0-earth… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/67660 | vdb-entryx_refsource_OSVDB |
| http://www.theregister.co.uk/2010/05/07/argument_… | x_refsource_MISC |
| http://www.f-secure.com/weblog/archives/00001949.html | x_refsource_MISC |
| http://matousec.com/info/advisories/khobe-8.0-ear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T21:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource": "MISC",
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39924"
},
{
"name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67660"
},
{
"name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource": "MISC",
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5171",
"datePublished": "2012-08-25T21:00:00.000Z",
"dateReserved": "2012-08-25T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:36:23.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5042 (GCVE-0-2007-5042)
Vulnerability from nvd – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
VLAI
Summary
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3161 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/45899 | vdb-entryx_refsource_OSVDB |
| http://www.matousec.com/info/advisories/plague-in… | x_refsource_MISC |
| http://www.matousec.com/projects/windows-personal… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/479830/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-09-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45899"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3161",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"refsource": "OSVDB",
"url": "http://osvdb.org/45899"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5042",
"datePublished": "2007-09-24T00:00:00.000Z",
"dateReserved": "2007-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3086 (GCVE-0-2007-3086)
Vulnerability from nvd – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
VLAI
Summary
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/470278/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/42038 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.matousec.com/info/advisories/Outpost-E… | x_refsource_MISC |
| http://securityreason.com/securityalert/2775 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/24284 | vdb-entryx_refsource_BID |
Date Public
2007-06-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24284"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24284"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"refsource": "OSVDB",
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24284"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3086",
"datePublished": "2007-06-06T10:00:00.000Z",
"dateReserved": "2007-06-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7160 (GCVE-0-2006-7160)
Vulnerability from nvd – Published: 2007-03-07 20:00 – Updated: 2024-08-07 20:57
VLAI
Summary
The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2376 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4537 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/451672/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/22913 | third-party-advisoryx_refsource_SECUNIA |
| http://www.matousec.com/info/advisories/Outpost-M… | x_refsource_MISC |
| http://www.securityfocus.com/bid/21097 | vdb-entryx_refsource_BID |
Date Public
2006-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:39.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2376",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22913"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7160",
"datePublished": "2007-03-07T20:00:00.000Z",
"dateReserved": "2007-03-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:39.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0333 (GCVE-0-2007-0333)
Vulnerability from nvd – Published: 2007-01-18 02:00 – Updated: 2024-08-07 12:12
VLAI
Summary
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/456973/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.matousec.com/info/advisories/Outpost-B… | x_refsource_MISC |
| http://www.securityfocus.com/bid/22069 | vdb-entryx_refsource_BID |
| http://osvdb.org/33480 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/2163 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:18.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"refsource": "OSVDB",
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0333",
"datePublished": "2007-01-18T02:00:00.000Z",
"dateReserved": "2007-01-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:18.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5721 (GCVE-0-2006-5721)
Vulnerability from nvd – Published: 2006-11-04 01:00 – Updated: 2024-08-07 20:04
VLAI
Summary
The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4309 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/20860 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/22673 | third-party-advisoryx_refsource_SECUNIA |
| http://www.matousec.com/info/advisories/Outpost-I… | x_refsource_MISC |
| http://securityreason.com/securityalert/1821 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1017150 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/450293/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-11-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:54.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22673"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22673"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22673"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5721",
"datePublished": "2006-11-04T01:00:00.000Z",
"dateReserved": "2006-11-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:54.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3697 (GCVE-0-2006-3697)
Vulnerability from nvd – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
VLAI
Summary
Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21089 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/27349 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/19018 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/440426/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0144 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19024 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/2851 | vdb-entryx_refsource_VUPEN |
| http://www.vupen.com/english/advisories/2006/2852 | vdb-entryx_refsource_VUPEN |
| http://www.ben.goulding.com.au/secad.html | x_refsource_MISC |
| http://secunia.com/advisories/21088 | third-party-advisoryx_refsource_SECUNIA |
| https://secure-support.novell.com/KanisaPlatform/… | x_refsource_CONFIRM |
Date Public
2006-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:53.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"name": "http://www.ben.goulding.com.au/secad.html",
"refsource": "MISC",
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21088"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3697",
"datePublished": "2006-07-19T01:00:00.000Z",
"dateReserved": "2006-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:53.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3696 (GCVE-0-2006-3696)
Vulnerability from nvd – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
VLAI
Summary
filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21095 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/19026 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/440427 | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1247 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/2853 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:53.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3696",
"datePublished": "2006-07-19T01:00:00.000Z",
"dateReserved": "2006-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:53.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2472 (GCVE-0-2004-2472)
Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-08 01:29
VLAI
Summary
Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10338 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/11601 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/6110 | vdb-entryx_refsource_OSVDB |
| http://www.securiteam.com/windowsntfocus/5FP0E0KC… | x_refsource_MISC |
| http://securitytracker.com/alerts/2004/May/1010151.html | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-05-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:13.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6110"
},
{
"name": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2472",
"datePublished": "2005-08-20T04:00:00.000Z",
"dateReserved": "2005-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:29:13.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5171 (GCVE-0-2010-5171)
Vulnerability from cvelistv5 – Published: 2012-08-25 21:00 – Updated: 2024-09-16 20:36 Disputed
VLAI
Summary
Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://countermeasures.trendmicro.eu/you-just-can… | x_refsource_MISC |
| http://www.securityfocus.com/bid/39924 | vdb-entryx_refsource_BID |
| http://matousec.com/info/articles/khobe-8.0-earth… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/67660 | vdb-entryx_refsource_OSVDB |
| http://www.theregister.co.uk/2010/05/07/argument_… | x_refsource_MISC |
| http://www.f-secure.com/weblog/archives/00001949.html | x_refsource_MISC |
| http://matousec.com/info/advisories/khobe-8.0-ear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T21:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource": "MISC",
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39924"
},
{
"name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67660"
},
{
"name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource": "MISC",
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5171",
"datePublished": "2012-08-25T21:00:00.000Z",
"dateReserved": "2012-08-25T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:36:23.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5042 (GCVE-0-2007-5042)
Vulnerability from cvelistv5 – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
VLAI
Summary
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3161 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/45899 | vdb-entryx_refsource_OSVDB |
| http://www.matousec.com/info/advisories/plague-in… | x_refsource_MISC |
| http://www.matousec.com/projects/windows-personal… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/479830/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2007-09-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45899"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3161",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "45899",
"refsource": "OSVDB",
"url": "http://osvdb.org/45899"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5042",
"datePublished": "2007-09-24T00:00:00.000Z",
"dateReserved": "2007-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3086 (GCVE-0-2007-3086)
Vulnerability from cvelistv5 – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
VLAI
Summary
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/470278/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/42038 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.matousec.com/info/advisories/Outpost-E… | x_refsource_MISC |
| http://securityreason.com/securityalert/2775 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/24284 | vdb-entryx_refsource_BID |
Date Public
2007-06-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24284"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24284"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
},
{
"name": "42038",
"refsource": "OSVDB",
"url": "http://osvdb.org/42038"
},
{
"name": "outpostfirewall-outpostipchdr-dos(34686)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
},
{
"name": "2775",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2775"
},
{
"name": "24284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24284"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3086",
"datePublished": "2007-06-06T10:00:00.000Z",
"dateReserved": "2007-06-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7160 (GCVE-0-2006-7160)
Vulnerability from cvelistv5 – Published: 2007-03-07 20:00 – Updated: 2024-08-07 20:57
VLAI
Summary
The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2376 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4537 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/451672/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/22913 | third-party-advisoryx_refsource_SECUNIA |
| http://www.matousec.com/info/advisories/Outpost-M… | x_refsource_MISC |
| http://www.securityfocus.com/bid/21097 | vdb-entryx_refsource_BID |
Date Public
2006-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:39.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2376",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2376"
},
{
"name": "outpostfirewall-multiple-functions-dos(30312)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
},
{
"name": "ADV-2006-4537",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4537"
},
{
"name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
},
{
"name": "22913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22913"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "21097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7160",
"datePublished": "2007-03-07T20:00:00.000Z",
"dateReserved": "2007-03-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:39.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0333 (GCVE-0-2007-0333)
Vulnerability from cvelistv5 – Published: 2007-01-18 02:00 – Updated: 2024-08-07 12:12
VLAI
Summary
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/456973/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.matousec.com/info/advisories/Outpost-B… | x_refsource_MISC |
| http://www.securityfocus.com/bid/22069 | vdb-entryx_refsource_BID |
| http://osvdb.org/33480 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/2163 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:18.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
},
{
"name": "22069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22069"
},
{
"name": "33480",
"refsource": "OSVDB",
"url": "http://osvdb.org/33480"
},
{
"name": "2163",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2163"
},
{
"name": "outpostfirewall-zwset-privilege-escalation(31529)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0333",
"datePublished": "2007-01-18T02:00:00.000Z",
"dateReserved": "2007-01-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:18.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5721 (GCVE-0-2006-5721)
Vulnerability from cvelistv5 – Published: 2006-11-04 01:00 – Updated: 2024-08-07 20:04
VLAI
Summary
The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4309 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/20860 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/22673 | third-party-advisoryx_refsource_SECUNIA |
| http://www.matousec.com/info/advisories/Outpost-I… | x_refsource_MISC |
| http://securityreason.com/securityalert/1821 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1017150 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/450293/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-11-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:54.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22673"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22673"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "outpostfirewall-sandbox-dos(29969)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
},
{
"name": "ADV-2006-4309",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4309"
},
{
"name": "20860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20860"
},
{
"name": "22673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22673"
},
{
"name": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
},
{
"name": "1821",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1821"
},
{
"name": "1017150",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017150"
},
{
"name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5721",
"datePublished": "2006-11-04T01:00:00.000Z",
"dateReserved": "2006-11-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:54.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3697 (GCVE-0-2006-3697)
Vulnerability from cvelistv5 – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
VLAI
Summary
Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21089 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/27349 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/19018 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/440426/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0144 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19024 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/2851 | vdb-entryx_refsource_VUPEN |
| http://www.vupen.com/english/advisories/2006/2852 | vdb-entryx_refsource_VUPEN |
| http://www.ben.goulding.com.au/secad.html | x_refsource_MISC |
| http://secunia.com/advisories/21088 | third-party-advisoryx_refsource_SECUNIA |
| https://secure-support.novell.com/KanisaPlatform/… | x_refsource_CONFIRM |
Date Public
2006-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:53.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21089"
},
{
"name": "27349",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27349"
},
{
"name": "19018",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19018"
},
{
"name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"name": "ADV-2007-0144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"name": "19024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19024"
},
{
"name": "ADV-2006-2851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"name": "ADV-2006-2852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"name": "http://www.ben.goulding.com.au/secad.html",
"refsource": "MISC",
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"name": "21088",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21088"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3697",
"datePublished": "2006-07-19T01:00:00.000Z",
"dateReserved": "2006-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:53.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3696 (GCVE-0-2006-3696)
Vulnerability from cvelistv5 – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
VLAI
Summary
filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21095 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/19026 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/440427 | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1247 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/2853 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:53.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21095"
},
{
"name": "19026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19026"
},
{
"name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440427"
},
{
"name": "1247",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1247"
},
{
"name": "ADV-2006-2853",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2853"
},
{
"name": "outpost-firewall-filtnt-bo(27840)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3696",
"datePublished": "2006-07-19T01:00:00.000Z",
"dateReserved": "2006-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:53.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2472 (GCVE-0-2004-2472)
Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-08 01:29
VLAI
Summary
Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10338 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/11601 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/6110 | vdb-entryx_refsource_OSVDB |
| http://www.securiteam.com/windowsntfocus/5FP0E0KC… | x_refsource_MISC |
| http://securitytracker.com/alerts/2004/May/1010151.html | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-05-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:13.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10338"
},
{
"name": "11601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11601"
},
{
"name": "6110",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6110"
},
{
"name": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
},
{
"name": "1010151",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010151.html"
},
{
"name": "outpost-packet-dos(16133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2472",
"datePublished": "2005-08-20T04:00:00.000Z",
"dateReserved": "2005-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:29:13.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}