Outpost Firewall PRO Local Denial-of-Service Vulnerability

Vulnerability ID: 1111439    Vulnerability type: Other
Published: 2006-11-01    Updated: 2006-11-07
CVE ID: CVE-2006-5721    CNNVD-ID: CNNVD-200611-054
Platform: Windows    CVSS score: 4.9
|Vulnerability sources
https://www.exploit-db.com/exploits/28894
https://cxsecurity.com/issue/WLB-2006110024
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200611-054
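|Vulnerability details
The \Device\SandBox driver in Outpost Firewall PRO allows local users to cause a denial of service (system crash) by passing invalid arguments to the DeviceIoControl function, which triggers an invalid memory operation.
|Exploit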
source: http://www.securityfocus.com/bid/20860/info

Outpost Firewall PRO is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected input.

Exploiting this issue allows local attackers to crash affected computers, denying service to legitimate users.

Outpost Firewall PRO 4.0 (964.582.059) is vulnerable to this issue; other versions may also be affected.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/28894.zip
|References

Source: BID
Name: 20860
Link: http://www.securityfocus.com/bid/20860
Source: BUGTRAQ
Name: 20061101 Outpost Insufficient validation of 'SandBox' driver input buffer
Link: http://www.securityfocus.com/archive/1/archive/1/450293/100/0/threaded
Source: MISC
Link: http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php
Source: VUPEN
Name: ADV-2006-4309
Link: http://www.frsirt.com/english/advisories/2006/4309
Source: SECTRACK
Name: 1017150
Link: http://securitytracker.com/id?1017150
Source: SECUNIA
Name: 22673
Link: http://secunia.com/advisories/22673
Source: XF
Name: outpostfirewall-sandbox-dos(29969)
Link: http://xforce.iss.net/xforce/xfdb/29969
Source: SREASON
Name: 1821
Link: http://securityreason.com/securityalert/1821