CVE Vulnerability

CVE-2007-0333

Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.

7.2 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php Vendor Advisory
http://www.securityfocus.com/bid/22069 Exploit
http://securityreason.com/securityalert/2163
http://osvdb.org/33480
https://exchange.xforce.ibmcloud.com/vulnerabilities/31529
http://www.securityfocus.com/archive/1/456973/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:agnitum:outpost_firewall:4.0:*:pro:*:*:*:*:*
Information

Published : 2007-01-18 02:28

Updated : 2018-10-16 04:32

NVD link : CVE-2007-0333

Mitre link : CVE-2007-0333

Products Affected
No products.
CWE
NVD-CWE-Other