Poll
How much system resources could your security products consume at most?
Advisory 2007-09-18.01
Plague in (security) software drivers
Basic information:
Release date: September 18, 2007
Last update: September 19, 2007
Severity:Medium
Character:System crash
Status:N/A
Testing program: bsodhook.zip
Description:
Available in the Plague in (security) software drivers article.
Vulnerable software:
- BlackICE PC Protection 3.6.cqn
- G DATA InternetSecurity 2007
- Ghost Security Suite beta 1.110 and alpha 1.200
- Kaspersky Internet Security 7.0.0.125
- Norton Internet Security 2008 15.0.0.60
- Online Armor Personal Firewall 2.0.1.215
- Outpost Firewall Pro 4.0.1025.7828
- Privatefirewall 5.0.14.2
- Process Monitor 1.22
- ProcessGuard 3.410
- ProSecurity 1.40 Beta 2
- RegMon 7.04
- ZoneAlarm Pro 7.0.362.000
- probably other versions of above mentioned software
- possibly many other software products that implement SSDT hooks
Not vulnerable software:
- Comodo Personal Firewall 2.4.18.184
- Daemon Tools Lite 4.10 X86
- Sunbelt Personal Firewall 4.5.916.0
Events:
- 2007-09-18: Vulnerability confirmed by popular information sources
- 2007-09-18: Advisory released
- 2007-09-03 - 2007-09-11: Vendors notifications, some vendors confirmed the vulnerability
References:
- SecurityFocus Vulnerabilities BID 24491, BID 25705, BID 25709, BID 25711, BID 25712, BID 25714, BID 25718, BID 25719, BID 25721
- National Vulnerability Database CVE-2007-4967, CVE-2007-4968, CVE-2007-4969, CVE-2007-4970, CVE-2007-4971, CVE-2007-4972
- Common Vulnerabilities and Exposures CVE-2007-4967, CVE-2007-4968, CVE-2007-4969, CVE-2007-4970, CVE-2007-4971, CVE-2007-4972
- SecuriTeam comment
- heise Security comment