matousec.com

Advisory 2007-02-15.01

Comodo DLL injection via weak hash function exploitation Vulnerability

Basic information:


Release date: February 15, 2007

Last update: February 26, 2007

Severity: Medium

Character: Privilege escalation

Status: Unknown

Testing program: BTP00005P005CF.zip

Description:

Comodo Firewall Pro (formerly Comodo Personal Firewall) implements a component control that is based on a checksum comparison of process modules. Probably for better performance, its implementation uses the cyclic redundancy check (CRC32) as the checksum function. However, CRC32 was developed for error detection and cannot be used as a reliable cryptographic hash function, because collisions can be generated in real time. This property of CRC32 allows an attacker to construct a malicious module with the same CRC32 checksum as a chosen trusted module on the target system and thus bypass the protection of the component control.
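Added example, not part of the advisory and not Comodo's code: the Python below shows the structural reason CRC32 cannot serve as a module fingerprint. CRC32 is affine over GF(2), so the checksum of a combination of inputs follows from checksums already known, whereas SHA-256 has no such relation and is the kind of digest a component check should compare. All function names and the sample "modules" are constructed for illustration.

```python
import hashlib
import hmac
import zlib
from typing import Iterable


def constructed_module(label: str, size: int = 4096) -> bytes:
    """Deterministic stand-in for a module's bytes (constructed sample data)."""
    return hashlib.shake_256(label.encode()).digest(size)


def xor_bytes(*parts: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    if len({len(p) for p in parts}) != 1:
        raise ValueError("inputs must have equal length")
    out = bytearray(len(parts[0]))
    for part in parts:
        for i, value in enumerate(part):
            out[i] ^= value
    return bytes(out)


def crc32_relation_holds(a: bytes, b: bytes, c: bytes) -> bool:
    """CRC32(a^b^c) == CRC32(a)^CRC32(b)^CRC32(c) for equal-length inputs."""
    combined = zlib.crc32(xor_bytes(a, b, c))
    return combined == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)


def sha256_relation_holds(a: bytes, b: bytes, c: bytes) -> bool:
    """The same algebraic relation, tested against SHA-256 digests."""
    digest = lambda m: hashlib.sha256(m).digest()
    return digest(xor_bytes(a, b, c)) == xor_bytes(digest(a), digest(b), digest(c))


def module_is_trusted(module: bytes, trusted_sha256: Iterable[bytes]) -> bool:
    """Hardened component check: compare a SHA-256 digest against an allowlist."""
    digest = hashlib.sha256(module).digest()
    return any(hmac.compare_digest(digest, t) for t in trusted_sha256)


if __name__ == "__main__":
    a, b, c = (constructed_module(n) for n in ("mod-a", "mod-b", "mod-c"))
    print("CRC32 output is predictable from known checksums:", crc32_relation_holds(a, b, c))
    print("SHA-256 shows the same relation:", sha256_relation_holds(a, b, c))
    allow = [hashlib.sha256(a).digest()]
    print("trusted module accepted:", module_is_trusted(a, allow))
    print("different module accepted:", module_is_trusted(xor_bytes(a, b, c), allow))
```

Because a CRC32 value is a linear function of the input bits plus a length-dependent constant, it only detects accidental corruption; a component check needs a collision-resistant digest or a signature check.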

Vulnerable software:

Events:

References: