Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
BID:25711
Info
Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
| Bugtraq ID: | 25711 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4967 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 18 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Matousec Transparent Security Research discovered these vulnerabilities. |
| Vulnerable: |
Online Armor Personal Firewall 2.0.1.215 |
| Not Vulnerable: | |
Discussion
Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
Online Armor Personal Firewall is prone to multiple local vulnerabilities.
Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.
Online Armor Personal Firewall 2.0.1.125 is vulnerable; other versions may also be affected.
Online Armor Personal Firewall is prone to multiple local vulnerabilities.
Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.
Online Armor Personal Firewall 2.0.1.125 is vulnerable; other versions may also be affected.
Exploit / POC
Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
To exploit these issues, attackers can use 'BSODhook' from Matousec.
To exploit these issues, attackers can use 'BSODhook' from Matousec.
Solution / Fix
Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
Solution:
Reports indicate that the vendor may have addressed this issue in the latest version. Symantec has not confirmed this.
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error
or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Reports indicate that the vendor may have addressed this issue in the latest version. Symantec has not confirmed this.
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error
or if you are aware of more recent information, please mail us at: [email protected].
References
Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
References:
References:
- Online Armor Personal Firewall Homepage (Online Armor)
- Windows Personal Firewall Analysis (Matousec)
- Plague in (security) software drivers & BSDOhook utility (Matousec)