Outpost Firewall Pro services.exe security bypass
| outpostfirewall-services-security-bypass (31131) |  Medium Risk |
Description:
Outpost Firewall Pro could allow a local, authenticated attacker to bypass security restrictions, caused by a vulnerability in the outpost.exe executable. An attacker could exploit this vulnerability by injecting a DLL file into the system's services process to execute arbitrary code on the firewall and bypass security restrictions.
Platforms Affected:
- Agnitum, Outpost Firewall Pro 4.0.964.582.059
- Agnitum, Outpost Firewall Pro 4.0.971.584.079
Remedy:
No remedy available as of November 29, 2008.
Consequences:
Bypass Security
References:
- Matousec Transparent Security Advisory 2006-12-01.01, Outpost Bypassing Self-Protection via Advanced DLL injection with handle stealing Vulnerability at http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-via-Advanced-DLL-injection-with-handle-stealing.php.
- Outpost Firewall PRO Web site, Outpost Firewall PRO - Personal Firewall at http://www.agnitum.com/products/outpost/index.php.
- BID-21390: Outpost Firewall PRO Security Bypass Weakness
Reported:
Dec 01, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net