http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1330
National Cyber-Alert System
Vulnerability Summary CVE-2007-1330
Original release date: 3/7/2007
Last revised: 3/9/2007
Source: US-CERT/NIST
Overview
Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.
Impact
CVSS Severity: 3.9 (Low)
Range: Locally exploitable
Authentication: Not required to exploit
Impact Type: Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation
References to Advisories, Solutions, and Tools
External Source: XF
Name: comodofirewallpro-pipe-security-bypass(32771)
Hyperlink: http://xforce.iss.net/xforce/xfdb/32771
External Source: BID
Name: 22775
Hyperlink: http://www.securityfocus.com/bid/22775
External Source: BUGTRAQ
Name: 20070301 Comodo Bypassing settings protection using magic pipe Vulnerability
Type: Advisory
Hyperlink: http://www.securityfocus.com/archive/1/archive/1/461635/100/0/threaded
External Source:
Type: Advisory
Hyperlink: http://www.matousec.com/info/advisories...ttings-protection-using-magic-pipe.php
Vulnerable software and versions
Configuration 1
- Comodo, Comodo Firewall Pro, 2.4.16.174
- Comodo, Comodo Firewall Pro, 2.4.17.183
- Comodo, Comodo Firewall Pro, 2.4.18.184
Technical Details
CVSS Base Score Vector: (AV:L/AC:H/Au:NR/C/I/A/B:N)
Vulnerability Type: Design Error
CVE Standard Vulnerability Entry:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1330
Common Platform Enumeration:
http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-1330
