Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   FreezeX Vendors:   Faronics Corporation
FreezeX File Permissions Let Local Administrators Disable the Service
SecurityTracker Alert ID:  1012699
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Jun 27 2005
Original Entry Date:  Dec 24 2004
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Description:   A vulnerability was reported in FreezeX. A local administrative user can permanently disable the FreezeX security protections.

Xenzeo reported that a local user with administrative privileges can overwrite a database file (db.fzx) in the 'C:\Program Files\Faronics\FreezeX\' directory to cause FreezeX to stop working. The software must be reinstalled to return to normal operations.

A demonstration exploit is provided:

C:\> echo "diediedie" > C:\Program Files\Faronices\Freezex\db.fzx

[Editor's note: The product name has changed to 'Faronics Anti-Executable'.]

Impact:   A local administrative user can disable FreezeX.
Solution:   The vendor has issued a fix.

[Editor's note: The product name has changed to 'Faronics Anti-Executable'.]

Vendor URL: (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  [Full-Disclosure] FreezeX file access vulnerability

Affected Products:
	Faronics FreezeX v.


FreezeX is a program that promise, it can prevent executable files from 
beeing run on windows OS.

FreezeX has a database of every file from when it was installed (db.fzx) 
this file i located in C:\Program Files\Faronics\FreezeX\db.fzx, this 
file seems inaccessable, when trying accessing this directory, windows 
reports Access Denied from "dos" and windows.

Though one with administrative access can simply overwrite this file
with misc data, resulting in killing FreezeX

Proof Of Concept:

C:\> echo "diediedie" > C:\Program Files\Faronices\Freezex\db.fzx

	Reboot windows, and FreezeX can no longer determine what
	files have permission to be run, and needs to be reinstalled
	to work again.

Vender status:
	Faronics know of this and promises it will be fixed shortly.

Full-Disclosure - We believe in it.


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, LLC