Sign-up

ID

VAR-200706-0158


CVE

CVE-2007-3086


TITLE

Agnitum Outpost Firewall Outpost_IPC_HDR Local Denial of Service Vulnerability

Trust: 0.9

sources: BID: 24284 // CNNVD: CNNVD-200706-093

DESCRIPTION

Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex. Outpost Firewall is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to block arbitrary processes, denying service to legitimate users. This issue affects Outpost Firewall 4.0 build 1007.591.145 and build 964.582.059; other versions may also be affected

Trust: 2.07

sources: NVD: CVE-2007-3086 // JVNDB: JVNDB-2007-002154 // BID: 24284 // VULHUB: VHN-26448 // VULMON: CVE-2007-3086

AFFECTED PRODUCTS

vendor:agnitummodel:outpost firewallscope:eqversion:4.0_1007.591.145

Trust: 1.6

vendor:agnitummodel:outpost firewallscope:eqversion:4.0_964.582.059

Trust: 1.6

vendor:agnitummodel:outpost firewallscope:eqversion:4.0

Trust: 1.6

vendor:agnitummodel:outpost firewallscope:lteversion:pro 4.0 1007.591.145

Trust: 0.8

vendor:agnitummodel:outpost firewall proscope:eqversion:4.0(964.582.059)

Trust: 0.3

vendor:agnitummodel:outpost firewall proscope:eqversion:4.0(1007.591.145)

Trust: 0.3

vendor:agnitummodel:outpost firewall proscope:eqversion:4.0

Trust: 0.3

sources: BID: 24284 // JVNDB: JVNDB-2007-002154 // CNNVD: CNNVD-200706-093 // NVD: CVE-2007-3086

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-3086
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-3086
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200706-093
value: MEDIUM

Trust: 0.6

VULHUB: VHN-26448
value: MEDIUM

Trust: 0.1

VULMON: CVE-2007-3086
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-3086
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-26448
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-26448 // VULMON: CVE-2007-3086 // JVNDB: JVNDB-2007-002154 // CNNVD: CNNVD-200706-093 // NVD: CVE-2007-3086

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3086

THREAT TYPE

local

Trust: 0.9

sources: BID: 24284 // CNNVD: CNNVD-200706-093

TYPE

Design Error

Trust: 0.9

sources: BID: 24284 // CNNVD: CNNVD-200706-093

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002154

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-26448 // 
            
            
            
            VULMON: CVE-2007-3086

PATCH
title:Top Pageurl:http://www.agnitum.com/products/outpost/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002154

EXTERNAL IDS
db:NVDid:CVE-2007-3086
Trust: 2.9
db:BIDid:24284
Trust: 2.1
db:SREASONid:2775
Trust: 1.8
db:OSVDBid:42038
Trust: 1.8
db:JVNDBid:JVNDB-2007-002154
Trust: 0.8
db:XFid:34686
Trust: 0.6
db:BUGTRAQid:20070601 OUTPOST ENFORCING SYSTEM REBOOT WITH 'OUTPOST_IPC_HDR' MUTEX VULNERABILITY
Trust: 0.6
db:CNNVDid:CNNVD-200706-093
Trust: 0.6
db:EXPLOIT-DBid:30139
Trust: 0.2
db:SEEBUGid:SSVID-83596
Trust: 0.1
db:VULHUBid:VHN-26448
Trust: 0.1
db:VULMONid:CVE-2007-3086
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26448 // 
            
            
            
            VULMON: CVE-2007-3086 // 
            
            
            
            BID: 24284 // 
            
            
            
            JVNDB: JVNDB-2007-002154 // 
            
            
            
            CNNVD: CNNVD-200706-093 // 
            
            
            
            NVD: CVE-2007-3086

REFERENCES
url:http://www.securityfocus.com/bid/24284
Trust: 1.8
url:http://www.matousec.com/info/advisories/outpost-enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php
Trust: 1.8
url:http://osvdb.org/42038
Trust: 1.8
url:http://securityreason.com/securityalert/2775
Trust: 1.8
url:http://www.securityfocus.com/archive/1/470278/100/0/threaded
Trust: 1.2
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/34686
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3086
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3086
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/34686
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/470278/100/0/threaded
Trust: 0.6
url:http://www.agnitum.com/
Trust: 0.3
url:/archive/1/470278
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=13470
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/30139/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26448 // 
            
            
            
            VULMON: CVE-2007-3086 // 
            
            
            
            BID: 24284 // 
            
            
            
            JVNDB: JVNDB-2007-002154 // 
            
            
            
            CNNVD: CNNVD-200706-093 // 
            
            
            
            NVD: CVE-2007-3086

CREDITS
Matousec is credited with the discovery of this vulnerability.
Trust: 0.9
sources:
            
            
            BID: 24284 // 
            
            
            
            CNNVD: CNNVD-200706-093

SOURCES
db:VULHUBid:VHN-26448
db:VULMONid:CVE-2007-3086
db:BIDid:24284
db:JVNDBid:JVNDB-2007-002154
db:CNNVDid:CNNVD-200706-093
db:NVDid:CVE-2007-3086

LAST UPDATE DATE
2024-08-14T15:04:25.359000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-26448date:2018-10-16T00:00:00
db:VULMONid:CVE-2007-3086date:2018-10-16T00:00:00
db:BIDid:24284date:2015-05-07T17:37:00
db:JVNDBid:JVNDB-2007-002154date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-093date:2007-06-07T00:00:00
db:NVDid:CVE-2007-3086date:2018-10-16T16:47:18.153

SOURCES RELEASE DATE
db:VULHUBid:VHN-26448date:2007-06-06T00:00:00
db:VULMONid:CVE-2007-3086date:2007-06-06T00:00:00
db:BIDid:24284date:2007-06-04T00:00:00
db:JVNDBid:JVNDB-2007-002154date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-093date:2007-06-06T00:00:00
db:NVDid:CVE-2007-3086date:2007-06-06T10:30:00