Comodo Firewall CMDMon.SYS Multiple Denial of Service Vulnerabilities

Bugtraq ID:	22357
Class:	Input Validation Error
CVE:	CVE-2007-0708
Remote:	Yes
Local:	No
Published:	Feb 01 2007 12:00AM
Updated:	May 12 2015 07:34PM
Credit:	These issues were discovered by Matousec.
Vulnerable:	Comodo Personal Firewall 2.3.6 .81 Comodo Firewall Pro 2.4.16 .174
Not Vulnerable:	Comodo Firewall Pro 2.4.17 .183

Comodo Firewall CMDMon.SYS Multiple Denial of Service Vulnerabilities

Comodo Firewall is prone to multiple denial-of-service vulnerabilities because it fails to adequately validate user supplied data.

Exploiting these issues may permit attackers to cause system crashes and deny service to legitimate users. Presumaby, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Comodo Firewall Pro 2.4.16.174 and Comodo Personal Firewall 2.3.6.81 are vulnerable; other versions may also be affected.

Comodo Firewall CMDMon.SYS Multiple Denial of Service Vulnerabilities

The following proof of concept is available:

• /data/vulnerabilities/exploits/22357.c

Comodo Firewall CMDMon.SYS Multiple Denial of Service Vulnerabilities

Solution:
The vendor has released Comodo Firewall Pro 2.4.17.183 to address these issues; please contact the vendor for information on obtaining fixes.

Comodo Firewall CMDMon.SYS Multiple Denial of Service Vulnerabilities

References:

• Comodo Homepage (Comodo)
  
• Windows Personal Firewall Analysis (Matousec)
  
• Plague in (security) software drivers & BSDOhook utility (Matousec)