TUCoPS :: Security App Flaws :: b06-3689.htm

Outpost Firewall Pro secrately fixing security flaws?
Outpost Firewall Pro secrately fixing security flaws?
Outpost Firewall Pro secrately fixing security flaws?



hello,
To my knowledge Outpost Firewall Pro 3.5.631 had a security issue
(say: 0-day) that An exception can be passed & then triggered  by a
local system user to the firewall resulting in a SYSTEM CRASH due to a
overflow flaw in filtnt.sys (firewall driver) I was testing it on
winxpsp2 (patchlevel latest) & other possibilities of remote
exploitation.

try experimenting with:

cmd.exe
c:\> mshta.exe longggggggggg string


After upgrading to Outpost Firewall Pro ver. 3.51.759.6511 (462) the
issue seems fixed.

so secret fix huh ?

---

Bipin Gautam
http://bipin.tk 

Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless & until there is possibility of direct,
indirect or consequential communication between the two...

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH