Outpost Firewall Software Can Be Silently Crashed By Local Users
|
|
SecurityTracker Alert ID: 1007299 |
|
SecurityTracker URL: http://securitytracker.com/id/1007299
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jul 25 2003
|
Impact:
Denial of service via local system, Host/resource access via network
|
Exploit Included: Yes
|
Version(s): Pro 1.0.1817.1645
|
Description:
A vulnerability was reported in Agnitum's Outpost Personal Firewall. A local user can cause the firewall service to crash.
Dmitry Apraksin reported that a local user can launch a new network-enabled application and, when the firewall requests to the user if the user would like to add this application to the rule set, the user can choose to close the window by selecting "Exit and stop service." This will reportedly cause the firewall to crash silently.
|
Impact:
A local user can cause the firewall service to silently stop functioning. This may leave the host unprotected.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.agnitum.com/products/outpost/ (Links to External Site)
|
Cause:
Exception handling error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 25 Jul 2003 02:49:27 -0400
Subject: Outpost Firewall Pro ver. 1.0.1817.1645 local bug
|
http://www.security.nnov.ru/search/document.asp?docid=4897
> Description: Unprivileges user can stop firewall service by launching new
> network application and choosing "Exit and stop service".
> Original text: Dmitry Apraksin, Outpost Firewall Pro ver. 1.0.1817.1645 local bug
When launching a new network-enabled application, the firewall reportedly requests to the
user if the user would like to add this application to the rule set. If the user closes
the window by chosing "Exit and stop service", the firewall will reportedly crash silently.
|
|
