lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <46EFFC24.50501@matousec.com>
Date: Tue, 18 Sep 2007 18:26:12 +0200
From: Matousec - Transparent security Research <research@...ousec.com>
To: bugtraq@...urityfocus.com
Subject: Plague in (security) software drivers & BSDOhook utility

Hello,

We have found number of vulnerabilities in implementations of SSDT hooks in many different products.


Vulnerable software:

     * BlackICE PC Protection 3.6.cqn
     * G DATA InternetSecurity 2007
     * Ghost Security Suite beta 1.110 and alpha 1.200
     * Kaspersky Internet Security 7.0.0.125
     * Norton Internet Security 2008 15.0.0.60
     * Online Armor Personal Firewall 2.0.1.215
     * Outpost Firewall Pro 4.0.1025.7828
     * Privatefirewall 5.0.14.2
     * Process Monitor 1.22
     * ProcessGuard 3.410
     * ProSecurity 1.40 Beta 2
     * RegMon 7.04
     * ZoneAlarm Pro 7.0.362.000
     * probably other versions of above mentioned software
     * possibly many other software products that implement SSDT hooks


Not vulnerable software:

     * Comodo Personal Firewall 2.4.18.184
     * Daemon Tools Lite 4.10 X86
     * Sunbelt Personal Firewall 4.5.916.0



More details and the BSODhook utility that allows everyone to find similar vulnerabilities
easily are available here:

Advisory: http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
Article: http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php


Regards,

-- 
Matousec - Transparent security Research
http://www.matousec.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ