CVE-2007-0333 - Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan

CVE-2007-0333

Summary

Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.

References

Vulnerable Configurations

cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*
cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*

CVSS

Base:	7.2 (as of 16-10-2018 - 16:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	22069
bugtraq	20070115 Outpost Bypassing Self-Protection using file links Vulnerability
misc	http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php
osvdb	33480
sreason	2163
xf	outpostfirewall-zwset-privilege-escalation(31529)

Last major update

16-10-2018 - 16:32

Published

18-01-2007 - 02:28

Last modified

16-10-2018 - 16:32