---------------------------------------------------------------------- Secunia Network Software Inspector 2.0 (NSI) - Public Beta The Public Beta has ended. Thanks to all that participated. Learn more: http://secunia.com/network_software_inspector_2/ ---------------------------------------------------------------------- TITLE: Comodo Firewall Pro Hooked Functions Denial of Service SECUNIA ADVISORY ID: SA30006 VERIFY ADVISORY: http://secunia.com/advisories/30006/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system SOFTWARE: Comodo Firewall Pro 2.x http://secunia.com/product/14060/ DESCRIPTION: Core Security Technologies has reported some vulnerabilities in Comodo Firewall Pro, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerabilities are caused due to input validation errors when handling arguments passed to the hooked SSDT functions "NtDeleteFile()", "NtCreateFile()", and "NtSetThreadContext()". These can be exploited to cause a DoS by calling the affected functions with specially crafted arguments. The vulnerabilities are reported in version 2.4.18.184. Other versions may also be affected. SOLUTION: Upgrade to version 3.0. http://www.personalfirewall.comodo.com/download_firewall.html PROVIDED AND/OR DISCOVERED BY: Damian Saura, Anibal Sacco, Dario Menichelli, Norberto Kueffner, and Andres Blanco y Rodrigo Carvalho of Core Security Technologies ORIGINAL ADVISORY: CORE-2008-0320: http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2249 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------