SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Firewall)  >   Tiny Personal Firewall
Vendors:   Tiny Software
Tiny Personal Firewall Lets Physically Local Users Accept or Deny Connections When a Workstation is Locked
SecurityTracker Alert ID:  1003710
SecurityTracker URL:  http://securitytracker.com/id/1003710
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Mar 1 2002
Impact:   Host/resource access via network, Modification of system information
Exploit Included:  Yes  
Version(s): 2.0.15a, possibly other versions
Description:   A vulnerability was reported in the Tiny Personal Firewall from Tiny Software. A physically local user can cause connections to be permitted on an unattended, locked workstation.

It is reported that when a workstation is locked (ctrl+alt+del), the firewall software's popup alert/dialogue still jumps to the foreground to request that the local console user either permit or deny a connection. A physically local user can bypass the locked workstation restrictions and permit or deny the connection via the popup alert window.

Impact:   A physically local user can cause firewall connections to be permitted or denied on a locked workstation.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.tinysoftware.com/home/tiny?pg=tpf_summary
Cause:   Access control error, State error
Underlying OS:  Windows (Any)
Underlying OS Comments:  Tested on Windows 2000

Message History:   This archive entry has one or more follow-up message(s) listed below.
(A User Provides a Configuration Fix) Re: Tiny Personal Firewall Lets Physically Local Users Accept or Deny Connections When a Workstation is Locked
A user has described how to fix this through proper configuration.



 Source Message Contents

Subject:  ... Tiny Personal Firewall ...


Hi ...


Scanning hosts running the Tiny Personal Firewall (2.0.15a) on W2K
workstations that have been locked (ctl + alt + del)

The popup alert/dialogue jumps to the foreground, thus open to accept
permit/deny input from the local console, even when the workstations are
locked (ctl + alt + del).  Thus an untrusted individual who has local access
to individuals' workstations can scan a workstation/network, wait for the popup
alert dialogue and enter "permit" on unattended (locked workstations) without
the owner's permission/knowledge. No need to first unlock (ctl + alt + del)
...


CHEERS ...

 
 



Copyright 2021, SecurityGlobal.net LLC