The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Outpost Firewall: opening a privileged explorer

Synthesis of the vulnerability 

A local attacker can use Outpost Firewall to open an explorer running with SYSTEM privileges.
Vulnerable software: Outpost Firewall.
Severity of this announce: 2/4.
Creation date: 18/07/2006.
Revision date: 24/07/2006.
Références of this computer vulnerability: BID-19024, BTS16825, CVE-2006-3697, sb-03-037491-001-t, VIGILANCE-VUL-6013.

Description of the vulnerability 

The Outpost Firewall product has an interface where user can click on a link named "open folder" in order to see the directory containing the file. This explorer is opened with rights of current user.

However, if local attacker previously terminates the explorer.exe process, this explorer is opened with SYSTEM rights.

A local attacker can therefore obtain administrative privileges on system.

Several attack variants are proposed because Outpost Firewall opens its windows with SYSTEM rights.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat impacts software or systems such as Outpost Firewall.

Our Vigil@nce team determined that the severity of this computer threat is medium.

The trust level is of type confirmed by a trusted third party, with an origin of user account.

An attacker with a expert ability can exploit this cybersecurity bulletin.

Solutions for this threat 

Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a software vulnerabilities bulletin. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.