Computer Security
[EN] securityvulns.ru no-pyccku


Ooutpost self-protection bypass
Published:16.01.2007
Source:
SecurityVulns ID:7058
Type:local
Threat Level:
4/10
Description:It's possible to bypass self-protection by using NTFS hard links.
Affected:AGNITUM : Outpost Firewall Pro 4.0
CVE:CVE-2007-0333 (Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.)
Original documentdocumentMatousec - Transparent security Research, Outpost Bypassing Self-Protection using file links Vulnerability (16.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod