Details of VAR-200705-0349

ID

VAR-200705-0349

CVE

CVE-2007-2730

TITLE

Check Point ZoneAlarm Pro Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2007-002036

DESCRIPTION

Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. Comodo Firewall Pro is prone to a local security vulnerability

Trust: 1.98

sources: NVD: CVE-2007-2730 // JVNDB: JVNDB-2007-002036 // BID: 86161 // VULHUB: VHN-26092

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows 2000	scope:	-	version:	-	Trust: 1.4
vendor:	comodo	model:	personal firewall	scope:	eq	version:	2.3.6.81	Trust: 1.3
vendor:	comodo	model:	firewall pro	scope:	eq	version:	2.4.18.184	Trust: 1.3
vendor:	checkpoint	model:	zonealarm	scope:	lte	version:	6.1.744.001	Trust: 1.0
vendor:	comodo	model:	firewall pro	scope:	-	version:	-	Trust: 0.8
vendor:	comodo	model:	personal firewall	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	zonealarm	scope:	lt	version:	pro 6.5.737.000	Trust: 0.8
vendor:	microsoft	model:	windows server 2003	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows xp	scope:	eq	version:	sp3	Trust: 0.8
vendor:	microsoft	model:	windows 2003 server	scope:	-	version:	-	Trust: 0.6
vendor:	microsoft	model:	windows xp	scope:	-	version:	-	Trust: 0.6

sources: BID: 86161 // JVNDB: JVNDB-2007-002036 // CNNVD: CNNVD-200705-341 // NVD: CVE-2007-2730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-2730
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-2730
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200705-341
value:	HIGH
Trust: 0.6
VULHUB:	VHN-26092
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-2730
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-26092
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-26092 // JVNDB: JVNDB-2007-002036 // CNNVD: CNNVD-200705-341 // NVD: CVE-2007-2730

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-2730

THREAT TYPE

local

Trust: 0.9

sources: BID: 86161 // CNNVD: CNNVD-200705-341

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200705-341

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002036

PATCH

title:	Top Page	url:	http://www.checkpoint.com	Trust: 0.8
title:	Top Page	url:	http://www.comodo.com	Trust: 0.8
title:	Top Page	url:	http://www.microsoft.com	Trust: 0.8

sources: JVNDB: JVNDB-2007-002036

EXTERNAL IDS

db:	NVD	id:	CVE-2007-2730	Trust: 2.8
db:	SREASON	id:	2714	Trust: 2.0
db:	OSVDB	id:	37383	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-002036	Trust: 0.8
db:	BUGTRAQ	id:	20070515 BYPASSING PFW/HIPS OPEN PROCESS CONTROL WITH UNCOMMON IDENTIFIER	Trust: 0.6
db:	CNNVD	id:	CNNVD-200705-341	Trust: 0.6
db:	BID	id:	86161	Trust: 0.4
db:	VULHUB	id:	VHN-26092	Trust: 0.1

sources: VULHUB: VHN-26092 // BID: 86161 // JVNDB: JVNDB-2007-002036 // CNNVD: CNNVD-200705-341 // NVD: CVE-2007-2730

REFERENCES

url:	http://www.matousec.com/info/advisories/bypassing-pwf-hips-open-process-control-with-uncommon-identifier.php	Trust: 2.0
url:	http://securityreason.com/securityalert/2714	Trust: 2.0
url:	http://osvdb.org/37383	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/468643/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/archive/1/468643/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2730	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2730	Trust: 0.8

sources: VULHUB: VHN-26092 // BID: 86161 // JVNDB: JVNDB-2007-002036 // CNNVD: CNNVD-200705-341 // NVD: CVE-2007-2730

CREDITS

Unknown

Trust: 0.3

sources: BID: 86161

SOURCES

db:	VULHUB	id:	VHN-26092
db:	BID	id:	86161
db:	JVNDB	id:	JVNDB-2007-002036
db:	CNNVD	id:	CNNVD-200705-341
db:	NVD	id:	CVE-2007-2730

LAST UPDATE DATE

2024-11-23T22:03:54.217000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-26092	date:	2018-10-16T00:00:00
db:	BID	id:	86161	date:	2007-05-16T00:00:00
db:	JVNDB	id:	JVNDB-2007-002036	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200705-341	date:	2007-05-21T00:00:00
db:	NVD	id:	CVE-2007-2730	date:	2024-11-21T00:31:30.970

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-26092	date:	2007-05-16T00:00:00
db:	BID	id:	86161	date:	2007-05-16T00:00:00
db:	JVNDB	id:	JVNDB-2007-002036	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200705-341	date:	2007-05-16T00:00:00
db:	NVD	id:	CVE-2007-2730	date:	2007-05-16T22:30:00