Outpost Firewall PRO Security Bypass Weakness

Bugtraq ID:	21390
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	No
Local:	Yes
Published:	Dec 01 2006 12:00AM
Updated:	Dec 02 2006 01:24AM
Credit:	Matousec Transparent Security is credited with discovering this issue.
Vulnerable:	Agnitum Outpost Firewall PRO 4.0
Not Vulnerable:

Outpost Firewall PRO Security Bypass Weakness

Outpost Firewall PRO is prone to a weakness that may allow local privileged attackers to bypass security restrictions.

Successful exploits may allow local privileged attackers to bypass security restrictions to crash the affected application and potentially execute malicious code in the context of the vulnerable application.

Outpost Firewall PRO version 4.0 is affected by this issue; other versions may also be affected.

Outpost Firewall PRO Security Bypass Weakness

The following proof of concept is available:

• /data/vulnerabilities/exploits/BTP00012P004AO.zip

Outpost Firewall PRO Security Bypass Weakness

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

Outpost Firewall PRO Security Bypass Weakness

References:

• Outpost Firewall Pro Web Page (Agnitum)
  
• Outpost Bypassing Self-Protection via Advanced DLL injection with handle stealin (Matousec)