CVE-2007-2083
published 2007-04-18CVE-2007-2083: vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function…
PriorityP425medium6.9CVSS 2.0
AVLACMAuNCCICAC
EXPLOIT
EPSS
0.77%
51.1th percentile
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zonelabs | zonealarm | <= 6.5.714.000 | — |
| zonelabs | zonealarm | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gvf5-m6hg-5jhj: ZoneAlarm Pro 7
ghsa_unreviewed·2022-05-01·CVSS 6.9
CVE-2007-5044 [MEDIUM] GHSA-gvf5-m6hg-5jhj: ZoneAlarm Pro 7
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083.
GHSA
GHSA-q7rc-c4gf-vj49: vsdatant
ghsa_unreviewed·2022-05-01
CVE-2007-2083 [MEDIUM] GHSA-q7rc-c4gf-vj49: vsdatant
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
No detection rules found.
Exploit-DB
Prozilla Hosting Index - 'cat_id' SQL Injection
exploitdb·2008-04-28
CVE-2008-2083 Prozilla Hosting Index - 'cat_id' SQL Injection
Prozilla Hosting Index - 'cat_id' SQL Injection
---
____________________ ___ ___ ________
\_ _____/\_ ___ \ / | \\_____ \
| __)_ / \ \// ~ \/ | \
| \\ \___\ Y / | \
/_______ / \______ /\___|_ /\_______ /
\/ \/ \/ \/
.OR.ID
ECHO_ADV_88$2008
[ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability
Author : M.Hasran Addahroni
Date : April, 28 th 2007
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv88-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Hosting Index
version : unknown
Vendor : http://www.prozilla.com/item.php?item=26
Description :
Vulnerability:
~~~~~~~~~~~~~
Input passed to the "cat_id" parameter in di
Exploit-DB
OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting
exploitdb·2007-12-06
CVE-2007-6301 OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting
OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/26745/info
OpenNewsletter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
OpenNewsletter 2.5 is vulnerable; other versions may also be affected.
http://www.example.com/path/to/opennewsletter/compose.php?type=html'%3Ch1%3EXSS!%3C/h1%3E http://www.example.com/path/to/opennewsletter/compose.php?type=';%3CSCRIPT%3Ealert(String.fromCharCode(88,%2083,%2083,%2032,%2058,%2040))//\
Exploit-DB
ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
exploitdb·2007-04-15
CVE-2007-2083 ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
---
// source: https://www.securityfocus.com/bid/23494/info
ZoneAlarm is prone to a local denial-of-service vulnerability.
This issue occurs when attackers supply invalid argument values to the 'vsdatant.sys' driver.
A local attacker may exploit this issue to crash affected computers, denying service to legitimate users.
ZoneAlarm Pro 6.5.737.000 and 6.1.744.001 are prone to this issue; other versions may be affected as well.
/*
Testing program for Multiple insufficient argument validation of hooked SSDT function (BTP00001P000ZA)
Usage:
prog FUNCNAME
FUNCNAME - name of function to be checked
Description:
This program calls given function with parameters that cause the crash of the system. This happen
No writeups or analysis indexed.
http://osvdb.org/35239http://securityreason.com/securityalert/2591http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phphttp://www.securityfocus.com/archive/1/465868/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/33664http://osvdb.org/35239http://securityreason.com/securityalert/2591http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phphttp://www.securityfocus.com/archive/1/465868/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/33664
2007-04-18
Published