Vulnerability-Lookup

CVE-2006-7160 (GCVE-0-2006-7160)

Vulnerability from cvelistv5 – Published: 2007-03-07 20:00 – Updated: 2024-08-07 20:57

Summary

Severity

No CVSS data available.

CWE

Assigner

mitre

References

7 references

URL	Tags
http://securityreason.com/securityalert/2376	third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2006/4537	vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/archive/1/451672/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/22913	third-party-advisoryx_refsource_SECUNIA
http://www.matousec.com/info/advisories/Outpost-M…	x_refsource_MISC
http://www.securityfocus.com/bid/21097	vdb-entryx_refsource_BID

Date Public

2006-11-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:39.963Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2376",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/2376"
          },
          {
            "name": "outpostfirewall-multiple-functions-dos(30312)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
          },
          {
            "name": "ADV-2006-4537",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4537"
          },
          {
            "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
          },
          {
            "name": "22913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22913"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
          },
          {
            "name": "21097",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21097"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "2376",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/2376"
        },
        {
          "name": "outpostfirewall-multiple-functions-dos(30312)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
        },
        {
          "name": "ADV-2006-4537",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4537"
        },
        {
          "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
        },
        {
          "name": "22913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22913"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
        },
        {
          "name": "21097",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21097"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-7160",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "2376",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/2376"
            },
            {
              "name": "outpostfirewall-multiple-functions-dos(30312)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
            },
            {
              "name": "ADV-2006-4537",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4537"
            },
            {
              "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
            },
            {
              "name": "22913",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22913"
            },
            {
              "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
              "refsource": "MISC",
              "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
            },
            {
              "name": "21097",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21097"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-7160",
    "datePublished": "2007-03-07T20:00:00.000Z",
    "dateReserved": "2007-03-07T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:57:39.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-7160",
      "date": "2026-06-02",
      "epss": "0.00064",
      "percentile": "0.20074"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*\", \"versionEndIncluding\": \"4.0\", \"matchCriteriaId\": \"C3B820FA-2999-4DAA-A54D-9DA2B16B2A11\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.\"}, {\"lang\": \"es\", \"value\": \"El controlador Sandbox.sys de Outpost Firewall PRO versi\\u00f3n 4.0, y posiblemente versiones anteriores, no comprueba argumentos para funciones SSDT enlazadas, permite a usuarios locales causar una denegaci\\u00f3n de servicio (bloqueo) mediante argumentos no v\\u00e1lidos para las funciones (1) NtAssignProcessToJobObject, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver y (12) NtWriteVirtualMemory.\"}]",
      "id": "CVE-2006-7160",
      "lastModified": "2024-11-21T00:24:31.870",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-03-07T20:19:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/22913\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/2376\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/451672/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/21097\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4537\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/30312\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/22913\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/2376\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/451672/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/21097\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4537\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/30312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-7160\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-03-07T20:19:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.\"},{\"lang\":\"es\",\"value\":\"El controlador Sandbox.sys de Outpost Firewall PRO versi\u00f3n 4.0, y posiblemente versiones anteriores, no comprueba argumentos para funciones SSDT enlazadas, permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo) mediante argumentos no v\u00e1lidos para las funciones (1) NtAssignProcessToJobObject, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver y (12) NtWriteVirtualMemory.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*\",\"versionEndIncluding\":\"4.0\",\"matchCriteriaId\":\"C3B820FA-2999-4DAA-A54D-9DA2B16B2A11\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/22913\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2376\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/451672/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/21097\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4537\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30312\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22913\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2376\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/451672/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21097\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-7160

Vulnerability from fkie_nvd - Published: 2007-03-07 20:19 - Updated: 2026-04-23 00:35

Severity

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/22913	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/2376
cve@mitre.org	http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/451672/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/21097
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4537	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30312
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22913	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/2376
af854a3a-2127-422b-91ae-364da2661108	http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451672/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21097
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4537	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30312

Impacted products

	Vendor	Product	Version
	agnitum	outpost_firewall	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*",
              "matchCriteriaId": "C3B820FA-2999-4DAA-A54D-9DA2B16B2A11",
              "versionEndIncluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
    },
    {
      "lang": "es",
      "value": "El controlador Sandbox.sys de Outpost Firewall PRO versi\u00f3n 4.0, y posiblemente versiones anteriores, no comprueba argumentos para funciones SSDT enlazadas, permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo) mediante argumentos no v\u00e1lidos para las funciones (1) NtAssignProcessToJobObject, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver y (12) NtWriteVirtualMemory."
    }
  ],
  "id": "CVE-2006-7160",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-03-07T20:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22913"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2376"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/21097"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4537"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/21097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-78PC-3W8M-H368

Vulnerability from github – Published: 2022-05-01 07:45 – Updated: 2022-05-01 07:45

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-7160"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-03-07T20:19:00Z",
    "severity": "MODERATE"
  },
  "details": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.",
  "id": "GHSA-78pc-3w8m-h368",
  "modified": "2022-05-01T07:45:17Z",
  "published": "2022-05-01T07:45:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7160"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22913"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/2376"
    },
    {
      "type": "WEB",
      "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/21097"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4537"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-7160

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-7160

Aliases

CVE-2006-7160

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-7160",
    "description": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.",
    "id": "GSD-2006-7160"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-7160"
      ],
      "details": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.",
      "id": "GSD-2006-7160",
      "modified": "2023-12-13T01:19:53.359571Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-7160",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "2376",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/2376"
          },
          {
            "name": "outpostfirewall-multiple-functions-dos(30312)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
          },
          {
            "name": "ADV-2006-4537",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4537"
          },
          {
            "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
          },
          {
            "name": "22913",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22913"
          },
          {
            "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
            "refsource": "MISC",
            "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
          },
          {
            "name": "21097",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/21097"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-7160"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
            },
            {
              "name": "21097",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/21097"
            },
            {
              "name": "22913",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22913"
            },
            {
              "name": "2376",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/2376"
            },
            {
              "name": "ADV-2006-4537",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4537"
            },
            {
              "name": "outpostfirewall-multiple-functions-dos(30312)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
            },
            {
              "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-16T16:29Z",
      "publishedDate": "2007-03-07T20:19Z"
    }
  }
}

VAR-200703-0244

Vulnerability from variot - Updated: 2023-12-18 13:10

The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. (1) NtAssignProcessToJobObject function (2) NtCreateKey function (3) NtCreateThread function (4) NtDeleteFile function (5) NtLoadDriver function (6) NtOpenProcess function (7) NtProtectVirtualmemory function (8) NtReplaceKey function (9) NtTerminateProcess function (10) NtTerminateThread function (11) NtUnloadDriver function (12) NtWriteVirtualmemory function. Outpost Firewall PRO is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle unexpected input. Exploiting these issues allows local attackers to crash affected computers, denying service to legitimate users. Remote code-execution may be possible, but this has not been confirmed. Outpost Firewall PRO 4.0 (964.582.059) and 4.0 (971.584.079) are vulnerable to these issues; other versions may also be affected. Outpost Firewall is prone to a denial-of-service vulnerability.

To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.

The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.

The vulnerability is caused due to an error within Sandbox.sys when handling the parameters of certain hooked functions. This can be exploited to cause a DoS by calling NtAssignProcessToJobObject, NtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver, NtOpenProcess, NtProtectVirtualMemory, NtReplaceKey, NtTerminateProcess, NtTerminateThread, NtUnloadDriver, and NtWriteVirtualMemory with specially crafted parameters. Other versions may also be affected.

SOLUTION: Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY: Matousec Transparent Security

ORIGINAL ADVISORY: Matousec Transparent Security: http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200703-0244",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "outpost firewall",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "agnitum",
        "version": "4.0"
      },
      {
        "model": "outpost firewall",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "agnitum",
        "version": "pro 4.0"
      },
      {
        "model": "outpost firewall pro",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "agnitum",
        "version": "4.0"
      },
      {
        "model": "outpost firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "agnitum",
        "version": "4.0"
      },
      {
        "model": "outpost firewall pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "agnitum",
        "version": "4.0(971.584.079)"
      },
      {
        "model": "outpost firewall pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "agnitum",
        "version": "4.0(964.582.059)"
      },
      {
        "model": "outpost firewall pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "agnitum",
        "version": "4.0(1005.590.123)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:agnitum:outpost_firewall:*:*:pro:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matousec Transparent Security discovered these issues.",
    "sources": [
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2006-7160",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 4.9,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2006-7160",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-23268",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-7160",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200703-259",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-23268",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. (1) NtAssignProcessToJobObject function (2) NtCreateKey function (3) NtCreateThread function (4) NtDeleteFile function (5) NtLoadDriver function (6) NtOpenProcess function (7) NtProtectVirtualmemory function (8) NtReplaceKey function (9) NtTerminateProcess function (10) NtTerminateThread function (11) NtUnloadDriver function (12) NtWriteVirtualmemory function. Outpost Firewall PRO is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle unexpected input. \nExploiting these issues allows local attackers to crash affected computers, denying service to legitimate users. Remote code-execution may be possible, but this has not been confirmed. \nOutpost Firewall PRO 4.0 (964.582.059) and 4.0 (971.584.079) are vulnerable to these issues; other versions may also be affected. Outpost Firewall is prone to a denial-of-service vulnerability. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThe vulnerability is caused due to an error within Sandbox.sys when\nhandling the parameters of certain hooked functions.  This can be\nexploited to cause a DoS by calling NtAssignProcessToJobObject,\nNtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver,\nNtOpenProcess, NtProtectVirtualMemory, NtReplaceKey,\nNtTerminateProcess, NtTerminateThread, NtUnloadDriver, and\nNtWriteVirtualMemory with specially crafted parameters. Other\nversions may also be affected. \n\nSOLUTION:\nRestrict access to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nMatousec Transparent Security\n\nORIGINAL ADVISORY:\nMatousec Transparent Security:\nhttp://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "PACKETSTORM",
        "id": "52141"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-7160",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "21097",
        "trust": 2.3
      },
      {
        "db": "SREASON",
        "id": "2376",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "22913",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-4537",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "30312",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20061115 OUTPOST MULTIPLE INSUFFICIENT ARGUMENT VALIDATION OF HOOKED SSDT FUNCTION VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "82061",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-23268",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "52141",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "PACKETSTORM",
        "id": "52141"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "id": "VAR-200703-0244",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:10:29.051000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.agnitum.com/products/outpost/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.matousec.com/info/advisories/outpost-multiple-insufficient-argument-validation-of-hooked-ssdt-functions.php"
      },
      {
        "trust": 2.0,
        "url": "http://www.securityfocus.com/bid/21097"
      },
      {
        "trust": 2.0,
        "url": "http://securityreason.com/securityalert/2376"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/22913"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/4537"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
      },
      {
        "trust": 0.9,
        "url": "http://xforce.iss.net/xforce/xfdb/30312"
      },
      {
        "trust": 0.9,
        "url": "http://www.securityfocus.com/archive/1/archive/1/451672/100/0/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7160"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-7160"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/4537"
      },
      {
        "trust": 0.3,
        "url": "http://www.agnitum.com/products/outpost/"
      },
      {
        "trust": 0.3,
        "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/451672"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/479830"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/products/48/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/22913/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12472/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "PACKETSTORM",
        "id": "52141"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "db": "PACKETSTORM",
        "id": "52141"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-03-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "date": "2006-11-15T00:00:00",
        "db": "BID",
        "id": "21097"
      },
      {
        "date": "2007-03-07T00:00:00",
        "db": "BID",
        "id": "82061"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "date": "2006-11-16T15:09:27",
        "db": "PACKETSTORM",
        "id": "52141"
      },
      {
        "date": "2007-03-07T20:19:00",
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "date": "2007-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23268"
      },
      {
        "date": "2007-09-18T22:30:00",
        "db": "BID",
        "id": "21097"
      },
      {
        "date": "2007-03-07T00:00:00",
        "db": "BID",
        "id": "82061"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      },
      {
        "date": "2018-10-16T16:29:38.287000",
        "db": "NVD",
        "id": "CVE-2006-7160"
      },
      {
        "date": "2007-04-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "21097"
      },
      {
        "db": "BID",
        "id": "82061"
      },
      {
        "db": "PACKETSTORM",
        "id": "52141"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Outpost Firewall PRO of  sandbox.sys Service disruption in drivers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001297"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-259"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-7160 (GCVE-0-2006-7160)

FKIE_CVE-2006-7160

GHSA-78PC-3W8M-H368

GSD-2006-7160

VAR-200703-0244

Tags

Sightings

Nomenclature