Advisory 2006-11-01.01

Outpost Insufficient validation of 'SandBox' driver input buffer

Basic information:

Description:

Outpost insufficiently protects its driver \Device\SandBox against a manipulation by malicious applications and it fails to validate its input buffer. It is possible to open this driver and send arbitrary data to it, which are implicitly believed to be valid. It is possible to assemble the data in the input buffer such that the driver performs an invalid memory operation and crashes the whole operating system. Further impacts of this bug were not examined.

Vulnerable software:

• Outpost Firewall PRO 4.0 (971.584.079)
• Outpost Firewall PRO 4.0 (964.582.059)
• probably all older versions of Outpost Firewall PRO 4.0

Not vulnerable software:

• Outpost Firewall PRO 4.0 (1005.590.123) and higher

Events:

• 2007-01-11: The product vendor released Outpost Firewall PRO 4.0 (1005.590.123), which fixed the bug
• 2006-11-03: Vulnerability confirmed by the vendor
• 2006-11-03: Candidate for inclusion in the CVE list
• 2006-11-02: Vulnerability confirmed by popular information sources
• 2006-11-01: Advisory released
• 2006-11-01: Vendor notification

References:

• SecuriTeam - Windows NT Focus
• Common Vulnerabilities and Exposures
• National Vulnerability Database
• SecurityFocus Vulnerabilities
• Packet Storm Security Advisory
• FrSIRT Security Advisories
• Secunia Advisories
• Outpost Personal Firewall PRO

valid HTML 4.01 · valid CSS 2 · optimized for you · design by martina · powered by jan · generated on August 21, 2008