Vulnerabilities > CVE-2007-0333 - Local Privilege Escalation vulnerability in Agnitum Outpost Firewall 4.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Outpost Firewall PRO 4.0 Local Privilege Escalation Vulnerability. CVE-2007-0333. Local exploit for windows platform |
id | EDB-ID:29465 |
last seen | 2016-02-03 |
modified | 2007-01-15 |
published | 2007-01-15 |
reporter | Matousec Transparent security |
source | https://www.exploit-db.com/download/29465/ |
title | Outpost Firewall PRO 4.0 - Local Privilege Escalation Vulnerability |
References
- http://osvdb.org/33480
- http://securityreason.com/securityalert/2163
- http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php
- http://www.securityfocus.com/archive/1/456973/100/0/threaded
- http://www.securityfocus.com/bid/22069
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31529