Details of VAR-200702-0108

ID

VAR-200702-0108

CVE

CVE-2007-0709

TITLE

Comodo Firewall Pro and Comodo Personal Firewall of cmdmon.sys Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-001514

DESCRIPTION

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments. Comodo Firewall Pro is prone to a denial-of-service vulnerability. Local attackers may exploit this vulnerability to cause denial of service. The Comodo firewall hooks many functions in SSDT, and there are at least 7 cases where there are no parameters for verifying user mode. Due to a bug in the cmdmon.sys driver, a denial of service may result when calling NtConnectPort, NtCreatePort, NtCreateSection, NtOpenProcess, NtOpenSection, NtOpenThread, and NtSetValueKey

Trust: 1.98

sources: NVD: CVE-2007-0709 // JVNDB: JVNDB-2007-001514 // BID: 81908 // VULHUB: VHN-24071

AFFECTED PRODUCTS

vendor:	comodo	model:	firewall pro	scope:	lte	version:	2.4.16.174	Trust: 1.8
vendor:	comodo	model:	firewall pro	scope:	eq	version:	2.4.16.174	Trust: 0.9

sources: BID: 81908 // JVNDB: JVNDB-2007-001514 // CNNVD: CNNVD-200702-040 // NVD: CVE-2007-0709

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-0709
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-0709
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200702-040
value:	HIGH
Trust: 0.6
VULHUB:	VHN-24071
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-0709
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24071
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-24071 // JVNDB: JVNDB-2007-001514 // CNNVD: CNNVD-200702-040 // NVD: CVE-2007-0709

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0709

THREAT TYPE

local

Trust: 0.9

sources: BID: 81908 // CNNVD: CNNVD-200702-040

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200702-040

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001514

PATCH

title:

Top Page

url:

http://personalfirewall.comodo.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-001514

EXTERNAL IDS

db:	NVD	id:	CVE-2007-0709	Trust: 2.8
db:	BID	id:	22357	Trust: 2.0
db:	SECTRACK	id:	1017580	Trust: 2.0
db:	XF	id:	32059	Trust: 0.9
db:	JVNDB	id:	JVNDB-2007-001514	Trust: 0.8
db:	CNNVD	id:	CNNVD-200702-040	Trust: 0.7
db:	BUGTRAQ	id:	20070201 COMODO MULTIPLE INSUFFICIENT ARGUMENT VALIDATION OF HOOKED SSDT FUNCTION VULNERABILITY	Trust: 0.6
db:	BID	id:	81908	Trust: 0.4
db:	VULHUB	id:	VHN-24071	Trust: 0.1

sources: VULHUB: VHN-24071 // BID: 81908 // JVNDB: JVNDB-2007-001514 // CNNVD: CNNVD-200702-040 // NVD: CVE-2007-0709

REFERENCES

url:	http://www.securityfocus.com/bid/22357	Trust: 2.0
url:	http://www.matousec.com/info/advisories/comodo-multiple-insufficient-argument-validation-of-hooked-ssdt-functions.php	Trust: 2.0
url:	http://securitytracker.com/id?1017580	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/458773/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/32059	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/32059	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/458773/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0709	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0709	Trust: 0.8

sources: VULHUB: VHN-24071 // BID: 81908 // JVNDB: JVNDB-2007-001514 // CNNVD: CNNVD-200702-040 // NVD: CVE-2007-0709

CREDITS

Matousec※http://www.matousec.com/

Trust: 0.6

sources: CNNVD: CNNVD-200702-040

SOURCES

db:	VULHUB	id:	VHN-24071
db:	BID	id:	81908
db:	JVNDB	id:	JVNDB-2007-001514
db:	CNNVD	id:	CNNVD-200702-040
db:	NVD	id:	CVE-2007-0709

LAST UPDATE DATE

2024-11-23T22:19:53.273000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-24071	date:	2018-10-16T00:00:00
db:	BID	id:	81908	date:	2007-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2007-001514	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200702-040	date:	2007-02-06T00:00:00
db:	NVD	id:	CVE-2007-0709	date:	2024-11-21T00:26:32.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-24071	date:	2007-02-04T00:00:00
db:	BID	id:	81908	date:	2007-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2007-001514	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200702-040	date:	2007-02-03T00:00:00
db:	NVD	id:	CVE-2007-0709	date:	2007-02-04T00:28:00