0
Schwerer BUG in Outpost Firewall PRO 4.0 (964.582.059) produziert System-Crash
Outpost Insufficient validation of 'SandBox' driver input buffer...
Advisory 2006-11-01.01 by Matousec-Crew
Description:
Outpost insufficiently protects its driver \Device\SandBox against a manipulation by malicious applications and it fails to validate its input buffer. It is possible to open this driver and send arbitrary data to it, which are implicitly believed to be valid. It is possible to assemble the data in the input buffer such that the driver performs an invalid memory operation and crashes the whole operating system. Further impacts of this bug were not examined.
Vulnerable software:
Outpost insufficiently protects its driver \Device\SandBox against a manipulation by malicious applications and it fails to validate its input buffer. It is possible to open this driver and send arbitrary data to it, which are implicitly believed to be valid. It is possible to assemble the data in the input buffer such that the driver performs an invalid memory operation and crashes the whole operating system. Further impacts of this bug were not examined.
Vulnerable software:
- Outpost Firewall PRO 4.0 (964.582.059)
- 2006-11-01: Advisory released
- 2006-11-01: Vendor notification
Events:
Die Bekanntgabe dieses Bugs erschien heute, 01.11.206, auf:
http://www.matousec.com/info/advisories/Outpost-Insufficient-validation ...
Dort ist uebrigends auch der Downloadlink zur Testdatei BTP00001P004AO.zip
saludos
gnarff
[N.B.:haette ich das auf deutsch uebersetzen sollen...?]
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedinPlease also mark the comments that contributed to the solution of the article
Content-Key: 43535
Url: https://administrator.de/contentid/43535
Printed on: April 16, 2024 at 05:04 o'clock