CVE-2007-0333

Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.

Published: Jan 18, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-0333
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
agnitum / outpost_firewall	4.0	4.0.x

http://osvdb.org/33480
http://securityreason.com/securityalert/2163
http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php
http://www.securityfocus.com/archive/1/456973/100/0/threaded
http://www.securityfocus.com/bid/22069
https://exchange.xforce.ibmcloud.com/vulnerabilities/31529

Vulnerability Database

290,020

CVE-2007-0333