Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for outpost_firewall by agnitum

    CVE-2007-5042 (GCVE-0-2007-5042)

    Vulnerability from nvd – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3161 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/45899 vdb-entryx_refsource_OSVDB
    http://www.matousec.com/info/advisories/plague-in… x_refsource_MISC
    http://www.matousec.com/projects/windows-personal… x_refsource_MISC
    http://www.securityfocus.com/archive/1/479830/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-09-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.319Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3161",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3161"
              },
              {
                "name": "45899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45899"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
              },
              {
                "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3161",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3161"
            },
            {
              "name": "45899",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45899"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
            },
            {
              "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5042",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3161",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3161"
                },
                {
                  "name": "45899",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45899"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
                },
                {
                  "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
                },
                {
                  "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5042",
        "datePublished": "2007-09-24T00:00:00.000Z",
        "dateReserved": "2007-09-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3086 (GCVE-0-2007-3086)

    Vulnerability from nvd – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/470278/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/42038 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.matousec.com/info/advisories/Outpost-E… x_refsource_MISC
    http://securityreason.com/securityalert/2775 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/24284 vdb-entryx_refsource_BID
    Date Public
    2007-06-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:29.252Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
              },
              {
                "name": "42038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42038"
              },
              {
                "name": "outpostfirewall-outpostipchdr-dos(34686)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
              },
              {
                "name": "2775",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2775"
              },
              {
                "name": "24284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24284"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
            },
            {
              "name": "42038",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42038"
            },
            {
              "name": "outpostfirewall-outpostipchdr-dos(34686)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
            },
            {
              "name": "2775",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2775"
            },
            {
              "name": "24284",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24284"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
                },
                {
                  "name": "42038",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42038"
                },
                {
                  "name": "outpostfirewall-outpostipchdr-dos(34686)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
                },
                {
                  "name": "2775",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2775"
                },
                {
                  "name": "24284",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24284"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3086",
        "datePublished": "2007-06-06T10:00:00.000Z",
        "dateReserved": "2007-06-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:29.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7160 (GCVE-0-2006-7160)

    Vulnerability from nvd – Published: 2007-03-07 20:00 – Updated: 2024-08-07 20:57
    VLAI
    Summary
    The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/2376 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4537 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/451672/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/22913 third-party-advisoryx_refsource_SECUNIA
    http://www.matousec.com/info/advisories/Outpost-M… x_refsource_MISC
    http://www.securityfocus.com/bid/21097 vdb-entryx_refsource_BID
    Date Public
    2006-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:57:39.963Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2376",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2376"
              },
              {
                "name": "outpostfirewall-multiple-functions-dos(30312)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
              },
              {
                "name": "ADV-2006-4537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4537"
              },
              {
                "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
              },
              {
                "name": "22913",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22913"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
              },
              {
                "name": "21097",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2376",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2376"
            },
            {
              "name": "outpostfirewall-multiple-functions-dos(30312)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
            },
            {
              "name": "ADV-2006-4537",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4537"
            },
            {
              "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
            },
            {
              "name": "22913",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22913"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
            },
            {
              "name": "21097",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7160",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2376",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2376"
                },
                {
                  "name": "outpostfirewall-multiple-functions-dos(30312)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
                },
                {
                  "name": "ADV-2006-4537",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4537"
                },
                {
                  "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
                },
                {
                  "name": "22913",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22913"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
                },
                {
                  "name": "21097",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7160",
        "datePublished": "2007-03-07T20:00:00.000Z",
        "dateReserved": "2007-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:57:39.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0333 (GCVE-0-2007-0333)

    Vulnerability from nvd – Published: 2007-01-18 02:00 – Updated: 2024-08-07 12:12
    VLAI
    Summary
    Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/456973/100… mailing-listx_refsource_BUGTRAQ
    http://www.matousec.com/info/advisories/Outpost-B… x_refsource_MISC
    http://www.securityfocus.com/bid/22069 vdb-entryx_refsource_BID
    http://osvdb.org/33480 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2163 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-01-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:12:18.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
              },
              {
                "name": "22069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22069"
              },
              {
                "name": "33480",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33480"
              },
              {
                "name": "2163",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2163"
              },
              {
                "name": "outpostfirewall-zwset-privilege-escalation(31529)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
            },
            {
              "name": "22069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22069"
            },
            {
              "name": "33480",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33480"
            },
            {
              "name": "2163",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2163"
            },
            {
              "name": "outpostfirewall-zwset-privilege-escalation(31529)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-0333",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
                },
                {
                  "name": "22069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22069"
                },
                {
                  "name": "33480",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33480"
                },
                {
                  "name": "2163",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2163"
                },
                {
                  "name": "outpostfirewall-zwset-privilege-escalation(31529)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-0333",
        "datePublished": "2007-01-18T02:00:00.000Z",
        "dateReserved": "2007-01-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:12:18.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5721 (GCVE-0-2006-5721)

    Vulnerability from nvd – Published: 2006-11-04 01:00 – Updated: 2024-08-07 20:04
    VLAI
    Summary
    The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4309 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/20860 vdb-entryx_refsource_BID
    http://secunia.com/advisories/22673 third-party-advisoryx_refsource_SECUNIA
    http://www.matousec.com/info/advisories/Outpost-I… x_refsource_MISC
    http://securityreason.com/securityalert/1821 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1017150 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/450293/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-11-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:04:54.744Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "outpostfirewall-sandbox-dos(29969)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
              },
              {
                "name": "ADV-2006-4309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4309"
              },
              {
                "name": "20860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20860"
              },
              {
                "name": "22673",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22673"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
              },
              {
                "name": "1821",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1821"
              },
              {
                "name": "1017150",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017150"
              },
              {
                "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "outpostfirewall-sandbox-dos(29969)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
            },
            {
              "name": "ADV-2006-4309",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4309"
            },
            {
              "name": "20860",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20860"
            },
            {
              "name": "22673",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22673"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
            },
            {
              "name": "1821",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1821"
            },
            {
              "name": "1017150",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017150"
            },
            {
              "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "outpostfirewall-sandbox-dos(29969)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
                },
                {
                  "name": "ADV-2006-4309",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4309"
                },
                {
                  "name": "20860",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20860"
                },
                {
                  "name": "22673",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22673"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
                },
                {
                  "name": "1821",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1821"
                },
                {
                  "name": "1017150",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017150"
                },
                {
                  "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5721",
        "datePublished": "2006-11-04T01:00:00.000Z",
        "dateReserved": "2006-11-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:04:54.744Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3696 (GCVE-0-2006-3696)

    Vulnerability from nvd – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21095 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19026 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/440427 mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1247 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/2853 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:53.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21095"
              },
              {
                "name": "19026",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19026"
              },
              {
                "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/440427"
              },
              {
                "name": "1247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1247"
              },
              {
                "name": "ADV-2006-2853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2853"
              },
              {
                "name": "outpost-firewall-filtnt-bo(27840)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21095",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21095"
            },
            {
              "name": "19026",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19026"
            },
            {
              "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/440427"
            },
            {
              "name": "1247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1247"
            },
            {
              "name": "ADV-2006-2853",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2853"
            },
            {
              "name": "outpost-firewall-filtnt-bo(27840)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3696",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21095",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21095"
                },
                {
                  "name": "19026",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19026"
                },
                {
                  "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/440427"
                },
                {
                  "name": "1247",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1247"
                },
                {
                  "name": "ADV-2006-2853",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2853"
                },
                {
                  "name": "outpost-firewall-filtnt-bo(27840)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3696",
        "datePublished": "2006-07-19T01:00:00.000Z",
        "dateReserved": "2006-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:53.930Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3697 (GCVE-0-2006-3697)

    Vulnerability from nvd – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21089 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/27349 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/19018 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/440426/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/0144 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19024 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/2851 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2006/2852 vdb-entryx_refsource_VUPEN
    http://www.ben.goulding.com.au/secad.html x_refsource_MISC
    http://secunia.com/advisories/21088 third-party-advisoryx_refsource_SECUNIA
    https://secure-support.novell.com/KanisaPlatform/… x_refsource_CONFIRM
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:53.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21089"
              },
              {
                "name": "27349",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27349"
              },
              {
                "name": "19018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19018"
              },
              {
                "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
              },
              {
                "name": "ADV-2007-0144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0144"
              },
              {
                "name": "19024",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19024"
              },
              {
                "name": "ADV-2006-2851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2851"
              },
              {
                "name": "ADV-2006-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2852"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ben.goulding.com.au/secad.html"
              },
              {
                "name": "21088",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21088"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21089",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21089"
            },
            {
              "name": "27349",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27349"
            },
            {
              "name": "19018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19018"
            },
            {
              "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
            },
            {
              "name": "ADV-2007-0144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0144"
            },
            {
              "name": "19024",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19024"
            },
            {
              "name": "ADV-2006-2851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2851"
            },
            {
              "name": "ADV-2006-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2852"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ben.goulding.com.au/secad.html"
            },
            {
              "name": "21088",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21088"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3697",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21089",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21089"
                },
                {
                  "name": "27349",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27349"
                },
                {
                  "name": "19018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19018"
                },
                {
                  "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
                },
                {
                  "name": "ADV-2007-0144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0144"
                },
                {
                  "name": "19024",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19024"
                },
                {
                  "name": "ADV-2006-2851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2851"
                },
                {
                  "name": "ADV-2006-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2852"
                },
                {
                  "name": "http://www.ben.goulding.com.au/secad.html",
                  "refsource": "MISC",
                  "url": "http://www.ben.goulding.com.au/secad.html"
                },
                {
                  "name": "21088",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21088"
                },
                {
                  "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3697",
        "datePublished": "2006-07-19T01:00:00.000Z",
        "dateReserved": "2006-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:53.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2472 (GCVE-0-2004-2472)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-08 01:29
    VLAI
    Summary
    Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10338 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11601 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/6110 vdb-entryx_refsource_OSVDB
    http://www.securiteam.com/windowsntfocus/5FP0E0KC… x_refsource_MISC
    http://securitytracker.com/alerts/2004/May/1010151.html vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:29:13.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10338"
              },
              {
                "name": "11601",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11601"
              },
              {
                "name": "6110",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6110"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
              },
              {
                "name": "1010151",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
              },
              {
                "name": "outpost-packet-dos(16133)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10338",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10338"
            },
            {
              "name": "11601",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11601"
            },
            {
              "name": "6110",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6110"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
            },
            {
              "name": "1010151",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
            },
            {
              "name": "outpost-packet-dos(16133)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2472",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10338",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10338"
                },
                {
                  "name": "11601",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11601"
                },
                {
                  "name": "6110",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6110"
                },
                {
                  "name": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html",
                  "refsource": "MISC",
                  "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
                },
                {
                  "name": "1010151",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
                },
                {
                  "name": "outpost-packet-dos(16133)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2472",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-08-20T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:29:13.926Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5042 (GCVE-0-2007-5042)

    Vulnerability from cvelistv5 – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3161 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/45899 vdb-entryx_refsource_OSVDB
    http://www.matousec.com/info/advisories/plague-in… x_refsource_MISC
    http://www.matousec.com/projects/windows-personal… x_refsource_MISC
    http://www.securityfocus.com/archive/1/479830/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-09-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.319Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3161",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3161"
              },
              {
                "name": "45899",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45899"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
              },
              {
                "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3161",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3161"
            },
            {
              "name": "45899",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45899"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
            },
            {
              "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5042",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3161",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3161"
                },
                {
                  "name": "45899",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45899"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
                },
                {
                  "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
                },
                {
                  "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5042",
        "datePublished": "2007-09-24T00:00:00.000Z",
        "dateReserved": "2007-09-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3086 (GCVE-0-2007-3086)

    Vulnerability from cvelistv5 – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/470278/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/42038 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.matousec.com/info/advisories/Outpost-E… x_refsource_MISC
    http://securityreason.com/securityalert/2775 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/24284 vdb-entryx_refsource_BID
    Date Public
    2007-06-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:29.252Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
              },
              {
                "name": "42038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42038"
              },
              {
                "name": "outpostfirewall-outpostipchdr-dos(34686)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
              },
              {
                "name": "2775",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2775"
              },
              {
                "name": "24284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24284"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
            },
            {
              "name": "42038",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42038"
            },
            {
              "name": "outpostfirewall-outpostipchdr-dos(34686)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
            },
            {
              "name": "2775",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2775"
            },
            {
              "name": "24284",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24284"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070601 Outpost Enforcing system reboot with \u0027outpost_ipc_hdr\u0027 mutex Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470278/100/0/threaded"
                },
                {
                  "name": "42038",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42038"
                },
                {
                  "name": "outpostfirewall-outpostipchdr-dos(34686)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34686"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php"
                },
                {
                  "name": "2775",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2775"
                },
                {
                  "name": "24284",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24284"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3086",
        "datePublished": "2007-06-06T10:00:00.000Z",
        "dateReserved": "2007-06-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:29.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7160 (GCVE-0-2006-7160)

    Vulnerability from cvelistv5 – Published: 2007-03-07 20:00 – Updated: 2024-08-07 20:57
    VLAI
    Summary
    The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/2376 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4537 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/451672/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/22913 third-party-advisoryx_refsource_SECUNIA
    http://www.matousec.com/info/advisories/Outpost-M… x_refsource_MISC
    http://www.securityfocus.com/bid/21097 vdb-entryx_refsource_BID
    Date Public
    2006-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:57:39.963Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2376",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2376"
              },
              {
                "name": "outpostfirewall-multiple-functions-dos(30312)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
              },
              {
                "name": "ADV-2006-4537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4537"
              },
              {
                "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
              },
              {
                "name": "22913",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22913"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
              },
              {
                "name": "21097",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2376",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2376"
            },
            {
              "name": "outpostfirewall-multiple-functions-dos(30312)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
            },
            {
              "name": "ADV-2006-4537",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4537"
            },
            {
              "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
            },
            {
              "name": "22913",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22913"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
            },
            {
              "name": "21097",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7160",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2376",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2376"
                },
                {
                  "name": "outpostfirewall-multiple-functions-dos(30312)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
                },
                {
                  "name": "ADV-2006-4537",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4537"
                },
                {
                  "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
                },
                {
                  "name": "22913",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22913"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
                },
                {
                  "name": "21097",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7160",
        "datePublished": "2007-03-07T20:00:00.000Z",
        "dateReserved": "2007-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:57:39.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0333 (GCVE-0-2007-0333)

    Vulnerability from cvelistv5 – Published: 2007-01-18 02:00 – Updated: 2024-08-07 12:12
    VLAI
    Summary
    Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/456973/100… mailing-listx_refsource_BUGTRAQ
    http://www.matousec.com/info/advisories/Outpost-B… x_refsource_MISC
    http://www.securityfocus.com/bid/22069 vdb-entryx_refsource_BID
    http://osvdb.org/33480 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2163 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-01-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:12:18.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
              },
              {
                "name": "22069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22069"
              },
              {
                "name": "33480",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33480"
              },
              {
                "name": "2163",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2163"
              },
              {
                "name": "outpostfirewall-zwset-privilege-escalation(31529)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
            },
            {
              "name": "22069",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22069"
            },
            {
              "name": "33480",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33480"
            },
            {
              "name": "2163",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2163"
            },
            {
              "name": "outpostfirewall-zwset-privilege-escalation(31529)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-0333",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product\u0027s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070115 Outpost Bypassing Self-Protection using file links Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/456973/100/0/threaded"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php"
                },
                {
                  "name": "22069",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22069"
                },
                {
                  "name": "33480",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33480"
                },
                {
                  "name": "2163",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2163"
                },
                {
                  "name": "outpostfirewall-zwset-privilege-escalation(31529)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31529"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-0333",
        "datePublished": "2007-01-18T02:00:00.000Z",
        "dateReserved": "2007-01-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:12:18.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5721 (GCVE-0-2006-5721)

    Vulnerability from cvelistv5 – Published: 2006-11-04 01:00 – Updated: 2024-08-07 20:04
    VLAI
    Summary
    The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4309 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/20860 vdb-entryx_refsource_BID
    http://secunia.com/advisories/22673 third-party-advisoryx_refsource_SECUNIA
    http://www.matousec.com/info/advisories/Outpost-I… x_refsource_MISC
    http://securityreason.com/securityalert/1821 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1017150 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/450293/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-11-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:04:54.744Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "outpostfirewall-sandbox-dos(29969)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
              },
              {
                "name": "ADV-2006-4309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4309"
              },
              {
                "name": "20860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20860"
              },
              {
                "name": "22673",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22673"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
              },
              {
                "name": "1821",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1821"
              },
              {
                "name": "1017150",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017150"
              },
              {
                "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "outpostfirewall-sandbox-dos(29969)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
            },
            {
              "name": "ADV-2006-4309",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4309"
            },
            {
              "name": "20860",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20860"
            },
            {
              "name": "22673",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22673"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
            },
            {
              "name": "1821",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1821"
            },
            {
              "name": "1017150",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017150"
            },
            {
              "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \\Device\\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "outpostfirewall-sandbox-dos(29969)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29969"
                },
                {
                  "name": "ADV-2006-4309",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4309"
                },
                {
                  "name": "20860",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20860"
                },
                {
                  "name": "22673",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22673"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php"
                },
                {
                  "name": "1821",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1821"
                },
                {
                  "name": "1017150",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017150"
                },
                {
                  "name": "20061101 Outpost Insufficient validation of \u0027SandBox\u0027 driver input buffer",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/450293/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5721",
        "datePublished": "2006-11-04T01:00:00.000Z",
        "dateReserved": "2006-11-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:04:54.744Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3696 (GCVE-0-2006-3696)

    Vulnerability from cvelistv5 – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21095 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19026 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/440427 mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1247 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/2853 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:53.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21095"
              },
              {
                "name": "19026",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19026"
              },
              {
                "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/440427"
              },
              {
                "name": "1247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1247"
              },
              {
                "name": "ADV-2006-2853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2853"
              },
              {
                "name": "outpost-firewall-filtnt-bo(27840)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21095",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21095"
            },
            {
              "name": "19026",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19026"
            },
            {
              "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/440427"
            },
            {
              "name": "1247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1247"
            },
            {
              "name": "ADV-2006-2853",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2853"
            },
            {
              "name": "outpost-firewall-filtnt-bo(27840)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3696",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21095",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21095"
                },
                {
                  "name": "19026",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19026"
                },
                {
                  "name": "20060717 Outpost Firewall Pro secrately fixing security flaws?",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/440427"
                },
                {
                  "name": "1247",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1247"
                },
                {
                  "name": "ADV-2006-2853",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2853"
                },
                {
                  "name": "outpost-firewall-filtnt-bo(27840)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27840"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3696",
        "datePublished": "2006-07-19T01:00:00.000Z",
        "dateReserved": "2006-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:53.930Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3697 (GCVE-0-2006-3697)

    Vulnerability from cvelistv5 – Published: 2006-07-19 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21089 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/27349 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/19018 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/440426/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/0144 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19024 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/2851 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2006/2852 vdb-entryx_refsource_VUPEN
    http://www.ben.goulding.com.au/secad.html x_refsource_MISC
    http://secunia.com/advisories/21088 third-party-advisoryx_refsource_SECUNIA
    https://secure-support.novell.com/KanisaPlatform/… x_refsource_CONFIRM
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:53.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21089"
              },
              {
                "name": "27349",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27349"
              },
              {
                "name": "19018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19018"
              },
              {
                "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
              },
              {
                "name": "ADV-2007-0144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0144"
              },
              {
                "name": "19024",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19024"
              },
              {
                "name": "ADV-2006-2851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2851"
              },
              {
                "name": "ADV-2006-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2852"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ben.goulding.com.au/secad.html"
              },
              {
                "name": "21088",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21088"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21089",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21089"
            },
            {
              "name": "27349",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27349"
            },
            {
              "name": "19018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19018"
            },
            {
              "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
            },
            {
              "name": "ADV-2007-0144",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0144"
            },
            {
              "name": "19024",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19024"
            },
            {
              "name": "ADV-2006-2851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2851"
            },
            {
              "name": "ADV-2006-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2852"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ben.goulding.com.au/secad.html"
            },
            {
              "name": "21088",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21088"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3697",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21089",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21089"
                },
                {
                  "name": "27349",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27349"
                },
                {
                  "name": "19018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19018"
                },
                {
                  "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
                },
                {
                  "name": "ADV-2007-0144",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0144"
                },
                {
                  "name": "19024",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19024"
                },
                {
                  "name": "ADV-2006-2851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2851"
                },
                {
                  "name": "ADV-2006-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2852"
                },
                {
                  "name": "http://www.ben.goulding.com.au/secad.html",
                  "refsource": "MISC",
                  "url": "http://www.ben.goulding.com.au/secad.html"
                },
                {
                  "name": "21088",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21088"
                },
                {
                  "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3697",
        "datePublished": "2006-07-19T01:00:00.000Z",
        "dateReserved": "2006-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:53.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2472 (GCVE-0-2004-2472)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-08 01:29
    VLAI
    Summary
    Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10338 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11601 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/6110 vdb-entryx_refsource_OSVDB
    http://www.securiteam.com/windowsntfocus/5FP0E0KC… x_refsource_MISC
    http://securitytracker.com/alerts/2004/May/1010151.html vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-05-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:29:13.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10338"
              },
              {
                "name": "11601",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11601"
              },
              {
                "name": "6110",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6110"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
              },
              {
                "name": "1010151",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
              },
              {
                "name": "outpost-packet-dos(16133)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10338",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10338"
            },
            {
              "name": "11601",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11601"
            },
            {
              "name": "6110",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6110"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
            },
            {
              "name": "1010151",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
            },
            {
              "name": "outpost-packet-dos(16133)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2472",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10338",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10338"
                },
                {
                  "name": "11601",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11601"
                },
                {
                  "name": "6110",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6110"
                },
                {
                  "name": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html",
                  "refsource": "MISC",
                  "url": "http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html"
                },
                {
                  "name": "1010151",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/alerts/2004/May/1010151.html"
                },
                {
                  "name": "outpost-packet-dos(16133)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16133"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2472",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-08-20T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:29:13.926Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }