Advisory 2007-06-01.01

Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability

Basic information:

Description:

Outpost insufficiently protects its own mutex outpost_ipc_hdr. Arbitrary process is able to open and capture this mutex. In such case, Outpost is not able to use this mutex for its synchronization and its internal mechanisms lock when they try to use it. Outpost uses this mutex every time a potentially dangerous operation is executed. For example, this results in an impossibility of running new processes while the mutex is locked. After the mutex is released, all blocked operations completes. However, the release can not be enforced. Users are thus forced to reboot the system.

Vulnerable software:

• Outpost Firewall PRO 4.0 (1024.700.292)
• Outpost Firewall PRO 4.0 (1007.591.145)
• Outpost Firewall PRO 4.0 (964.582.059)
• probably all older versions of Outpost Firewall PRO 4.0
• possibly older versions of Outpost Firewall PRO

Not vulnerable software:

• Outpost Firewall Pro 2008 6.0.2162.205.402.266 and higher

Events:

• 2007-10-24: The product vendor released Outpost Firewall Pro 2008 6.0.2162.205.402.266, which fixed the bug
• 2007-06-06: Candidate for inclusion in the CVE list
• 2007-06-04: Vulnerability confirmed by popular information sources
• 2007-06-01: Advisory released
• 2007-06-01: Vendor notification

References:

• SecuriTeam - Windows NT Focus
• SecurityFocus Vulnerabilities
• Internet Security Systems - X-Force Database
• National Vulnerability Database
• Common Vulnerabilities and Exposures
• Security alert on SecurityReason
• Outpost Personal Firewall PRO

valid HTML 4.01 · valid CSS 2 · optimized for you · design by martina · powered by jan · generated on August 21, 2008