CVE-2009-2450 – Online Armor < 3.5.0.12 - 'OAmon.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2450
The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses, as demonstrated using the 0x830020C3 IOCTL. El controlador del kernel OAmon.sys v 3.1.0.0 y anteriores en Tall Emu Online Armor Personal Firewall AV+ anterior a v3.5.0.12, y Personal Firewall 3.5 anterior a v3.5.0.14, permite a usuarios locales obtener privilegios a través de peticiones METHOD_NEITHER IOCTL modificadas a \Device\OAmon que contienen direcciones del kernel de su elección como se ha demostrado empleadon el IOCTL 0x830020C3. • https://www.exploit-db.com/exploits/8875 http://milw0rm.com/sploits/2009-OAmon_Exp.zip http://www.exploit-db.com/exploits/8875 http://www.ntinternals.org/ntiadv0806/ntiadv0806.html http://www.securityfocus.com/bid/35227 https://exchange.xforce.ibmcloud.com/vulnerabilities/50960 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-3787 – Sunbelt Kerio Personal Firewall 4.3.426 - CreateRemoteThread Denial of Service
https://notcve.org/view.php?id=CVE-2006-3787
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread. kpf4ss.exe en Sunbelt Kerio Personal Firewall 4.3.x anterior a 4.3.268 no se engancha adecuadamente a la función CreateRemoteThread de la API, lo cual permite a usuarios locales provocar una denegación de servicio (caída) y evitar mecanismos de protección llamando a CreateRemoteThread. • https://www.exploit-db.com/exploits/28228 http://secunia.com/advisories/21060 http://securityreason.com/securityalert/1260 http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php http://www.securityfocus.com/archive/1/440112/100/100/threaded http://www.securityfocus.com/bid/18996 http://www.vupen.com/english/advisories/2006/2828 •