NotCVE - vendor:"Agnitum" product:"Outpost Firewall" version:"2.1"

2 results (0.002 seconds)

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2006-7160

https://notcve.org/view.php?id=CVE-2006-7160

The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. El controlador Sandbox.sys de Outpost Firewall PRO versión 4.0, y posiblemente versiones anteriores, no comprueba argumentos para funciones SSDT enlazadas, permite a usuarios locales causar una denegación de servicio (bloqueo) mediante argumentos no válidos para las funciones (1) NtAssignProcessToJobObject, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver y (12) NtWriteVirtualMemory. • http://secunia.com/advisories/22913 http://securityreason.com/securityalert/2376 http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.securityfocus.com/archive/1/451672/100/0/threaded http://www.securityfocus.com/bid/21097 http://www.vupen.com/english/advisories/2006/4537 https://exchange.xforce.ibmcloud.com/vulnerabilities/30312 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2004-2472

https://notcve.org/view.php?id=CVE-2004-2472

Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. • http://secunia.com/advisories/11601 http://securitytracker.com/alerts/2004/May/1010151.html http://www.osvdb.org/6110 http://www.securiteam.com/windowsntfocus/5FP0E0KCUW.html http://www.securityfocus.com/bid/10338 https://exchange.xforce.ibmcloud.com/vulnerabilities/16133 •