CVE-2007-0709
published 2007-02-04CVE-2007-0709: cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the…
PriorityP422high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.46%
36.4th percentile
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| comodo | comodo_firewall_pro | <= 2.4.16.174 | — |
| comodo | comodo_personal_firewall | <= 2.4 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p5gm-c4xq-m266: cmdmon
ghsa_unreviewed·2022-05-01
CVE-2007-0709 [HIGH] GHSA-p5gm-c4xq-m266: cmdmon
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
GHSA
GHSA-xwmv-w8ff-6vr2: Comodo Firewall Pro before 3
ghsa_unreviewed·2022-05-01·CVSS 7.2
CVE-2008-1736 [HIGH] GHSA-xwmv-w8ff-6vr2: Comodo Firewall Pro before 3
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2007-3392 Wireshark crashes when inspecting MMS traffic
bugzilla·2007-06-29·CVSS 5.0
CVE-2007-3392 [MEDIUM] CVE-2007-3392 Wireshark crashes when inspecting MMS traffic
CVE-2007-3392 Wireshark crashes when inspecting MMS traffic
+++ This bug was initially created as a clone of Bug #246225 +++
Description of problem:
Wireshark was reported to crash due to NULL pointer dereference when
attempting to dissect a fuzzed MMS traffic traffic.
Version-Release number of selected component (if applicable):
Wireshark 0.99.5
Additional info:
This is fixed in upstream revision 20837.
I was not able to reproduce this on an x86_64 architecture box.
Discussion:
Created attachment 158202
Capture file of MMS traffic that crashes Wireshark
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-0710.html
http://rhn.redhat.com/errata/RHSA-2007-0709.html
http://rhn.redhat.com/errata/RHSA-2008-0059.html
---
Reporter change
Bugzilla
CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic
bugzilla·2007-06-26·CVSS 5.0
CVE-2007-3392 [MEDIUM] CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic
CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic
Description of problem:
Wireshark enters an infinite loop when dissecting certain SSL traffic.
Version-Release number of selected component (if applicable):
Wireshark 0.99.5
Additional info:
No reproducer is available. This is fixed in upstream revision 21665.
Discussion:
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-0710.html
http://rhn.redhat.com/errata/RHSA-2007-0709.html
http://rhn.redhat.com/errata/RHSA-2008-0059.html
---
Reporter changed to [email protected] by request of Jay Turner.
Bugzilla
CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic
bugzilla·2007-06-26·CVSS 5.0
CVE-2007-3389 [MEDIUM] CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic
CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic
Description of problem:
Wireshark crashes due to assertion fail when dissecting certain
HTTP traffic.
Version-Release number of selected component (if applicable):
Wireshark 0.99.5
Steps to Reproduce:
1. Open the attached capture with the Wireshark GUI
2. Click on the last HTTP packet
Additional info:
This is fixed in upstream revision 21034.
Discussion:
Created attachment 157935
Capture file of HTTP traffic that crashes Wireshark
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-0710.html
http://rhn.redhat.com/errata/RHSA-2007-0709.html
http://rhn.redhat.com/errata/RHSA-2008-0059.html
---
Reporter changed to [email protected] by request of Jay Turner.
http://securitytracker.com/id?1017580http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phphttp://www.securityfocus.com/archive/1/458773/100/0/threadedhttp://www.securityfocus.com/bid/22357https://exchange.xforce.ibmcloud.com/vulnerabilities/32059http://securitytracker.com/id?1017580http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phphttp://www.securityfocus.com/archive/1/458773/100/0/threadedhttp://www.securityfocus.com/bid/22357https://exchange.xforce.ibmcloud.com/vulnerabilities/32059
2007-02-04
Published