VAR-200703-0042

Vulnerability from variot - Updated: 2023-12-18 12:39

Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times. Comodo Firewall Pro is prone to a protection-mechanism-bypass vulnerability. Exploiting this issue allows local attackers to bypass the protection mechanisms implemented to restrict changes to the firewall's configuration settings. This allows them to disable the firewall, aiding them in further attacks. This protection mechanism can be bypassed if very specific conditions are met. CFP uses a named pipe internally. Although the pipe's name changes, it can be guessed. Processes that open this pipe multiple times can control protected CFP settings, and modifying the settings may result in all protection mechanisms being disabled after a restart.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200703-0042",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "firewall pro",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "comodo",
        "version": "2.4.18.184"
      },
      {
        "model": "firewall pro",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "comodo",
        "version": "2.4.17.183"
      },
      {
        "model": "firewall pro",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "comodo",
        "version": "2.4.16.174"
      },
      {
        "model": "firewall pro",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "comodo",
        "version": "2.4.18.184"
      },
      {
        "model": "personal firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "comodo",
        "version": "2.3.6.81"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:comodo:comodo_firewall_pro:2.4.16.174:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:comodo:comodo_firewall_pro:2.4.17.183:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:comodo:comodo_firewall_pro:2.4.18.184:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matousec\u203bhttp://www.matousec.com/",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-1330",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.4,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2007-1330",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-24692",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-1330",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200703-260",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-24692",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall registry key by guessing the name of a named pipe under \\Device\\NamedPipe\\OLE and attempting to open it multiple times. Comodo Firewall Pro is prone to a protection-mechanism-bypass vulnerability. \nExploiting this issue allows local attackers to bypass protection mechanisms implemented to restrict access to altering the firewall\u0027s configuration settings. This allows them to disable the firewall, aiding them in further attacks. This protection mechanism can be bypassed if very specific conditions are met. CFP uses a named pipe internally. Although the name changes, it can be judged. Processes that open this pipe multiple times can control protected CFP settings, and modifying the settings may result in disabling all protection mechanisms after a restart",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-24692",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-1330",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "22775",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "34957",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "2388",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "32771",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070301 COMODO BYPASSING SETTINGS PROTECTION USING MAGIC PIPE VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-83183",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "29695",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-24692",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "id": "VAR-200703-0042",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:39:54.086000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://personalfirewall.comodo.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/22775"
      },
      {
        "trust": 1.7,
        "url": "http://www.matousec.com/info/advisories/comodo-bypassing-settings-protection-using-magic-pipe.php"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/34957"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/2388"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/461635/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32771"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1330"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1330"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/32771"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/461635/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.comodo.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/461635"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-03-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "date": "2007-03-01T00:00:00",
        "db": "BID",
        "id": "22775"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "date": "2007-03-07T21:19:00",
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "date": "2007-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24692"
      },
      {
        "date": "2015-05-12T19:34:00",
        "db": "BID",
        "id": "22775"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      },
      {
        "date": "2018-10-16T16:37:58.533000",
        "db": "NVD",
        "id": "CVE-2007-1330"
      },
      {
        "date": "2007-03-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CFP In  HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall Vulnerability that bypasses driver protection for registry keys",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001667"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "22775"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-260"
      }
    ],
    "trust": 0.9
  }
}







Sightings


Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

