Details of VAR-200510-0180

ID

VAR-200510-0180

CVE

CVE-2005-3197

TITLE

Webroot Software Desktop Firewall Multiple Local Vulnerabilities

Trust: 0.9

sources: BID: 15016 // CNNVD: CNNVD-200510-088

DESCRIPTION

Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. Webroot Software Desktop Firewall is susceptible to multiple local vulnerabilities. The first issue is a buffer overflow vulnerability, due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. Local attackers may exploit this first issue to execute arbitrary machine code with SYSTEM privileges. Attackers require the ability to modify the firewall's list of allowed applications. The second issue is an authentication bypass vulnerability. This issue is due to a failure of the firewall to properly enforce built-in password protection, allowing local attackers to disable the firewall. Local attackers may exploit the second issue to disable the firewall, aiding them in further attacks. These issues may only be exploited by local attackers with privileges allowing them to utilize 'DeviceIoControl()' to send commands to the firewall driver. These issues are reported to exist in version 1.3.0.43. Other versions may also be affected. SOLUTION: Update to version 1.3.0 build 52. PROVIDED AND/OR DISCOVERED BY: Tan Chew Keong, Secunia Research. ORIGINAL ADVISORY: Webroot: http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332 Secunia Research: http://secunia.com/secunia_research/2005-10/advisory/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-3197 // BID: 15016 // VULHUB: VHN-14406 // PACKETSTORM: 40466

AFFECTED PRODUCTS

vendor:	webroot	model:	desktop firewall	scope:	eq	version:	1.3.0.43	Trust: 1.6
vendor:	webroot	model:	software desktop firewall	scope:	eq	version:	1.3.0.43	Trust: 0.3
vendor:	webroot	model:	software desktop firewall	scope:	ne	version:	1.3.0.52	Trust: 0.3

sources: BID: 15016 // CNNVD: CNNVD-200510-088 // NVD: CVE-2005-3197

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-3197
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200510-088
value:	HIGH
Trust: 0.6
VULHUB:	VHN-14406
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-3197
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-14406
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14406 // CNNVD: CNNVD-200510-088 // NVD: CVE-2005-3197

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3197

THREAT TYPE

local

Trust: 1.0

sources: BID: 15016 // PACKETSTORM: 40466 // CNNVD: CNNVD-200510-088

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200510-088

EXTERNAL IDS

db:	BID	id:	15016	Trust: 2.0
db:	SECUNIA	id:	15745	Trust: 1.8
db:	VUPEN	id:	ADV-2005-1973	Trust: 1.7
db:	SECTRACK	id:	1015012	Trust: 1.7
db:	NVD	id:	CVE-2005-3197	Trust: 1.7
db:	OSVDB	id:	19868	Trust: 1.7
db:	CNNVD	id:	CNNVD-200510-088	Trust: 0.7
db:	FULLDISC	id:	20051006 SECUNIA RESEARCH: WEBROOT DESKTOP FIREWALL TWO VULNERABILITIES	Trust: 0.6
db:	XF	id:	22529	Trust: 0.6
db:	VULHUB	id:	VHN-14406	Trust: 0.1
db:	PACKETSTORM	id:	40466	Trust: 0.1

sources: VULHUB: VHN-14406 // BID: 15016 // PACKETSTORM: 40466 // CNNVD: CNNVD-200510-088 // NVD: CVE-2005-3197

REFERENCES

url:	http://support.webroot.com/ics/support/kbanswer.asp?questionid=2332	Trust: 1.8
url:	http://secunia.com/secunia_research/2005-10/advisory/	Trust: 1.8
url:	http://secunia.com/advisories/15745/	Trust: 1.8
url:	http://www.securityfocus.com/bid/15016	Trust: 1.7
url:	http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html	Trust: 1.7
url:	http://www.osvdb.org/19868	Trust: 1.7
url:	http://securitytracker.com/id?1015012	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2005/1973	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/22529	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/22529	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2005/1973	Trust: 0.6
url:	http://www.webroot.com/consumer/products/desktopfirewall/	Trust: 0.3
url:	http://support.webroot.com/ics/support/default.asp?deptid=776	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/5805/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-14406 // BID: 15016 // PACKETSTORM: 40466 // CNNVD: CNNVD-200510-088 // NVD: CVE-2005-3197

CREDITS

Tan Chew Keong of Secunia Research is credited with the discovery of these issues.

Trust: 0.9

sources: BID: 15016 // CNNVD: CNNVD-200510-088

SOURCES

db:	VULHUB	id:	VHN-14406
db:	BID	id:	15016
db:	PACKETSTORM	id:	40466
db:	CNNVD	id:	CNNVD-200510-088
db:	NVD	id:	CVE-2005-3197

LAST UPDATE DATE

2024-08-14T15:09:47.018000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14406	date:	2017-07-11T00:00:00
db:	BID	id:	15016	date:	2005-10-06T00:00:00
db:	CNNVD	id:	CNNVD-200510-088	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-3197	date:	2017-07-11T01:33:07.487

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14406	date:	2005-10-14T00:00:00
db:	BID	id:	15016	date:	2005-10-06T00:00:00
db:	PACKETSTORM	id:	40466	date:	2005-10-06T16:36:36
db:	CNNVD	id:	CNNVD-200510-088	date:	2005-10-14T00:00:00
db:	NVD	id:	CVE-2005-3197	date:	2005-10-14T10:02:00