Software: Panda ActiveScan 5.x
Description:
Secunia Research has discovered two vulnerabilities and a weakness in Panda ActiveScan, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a user's system.
1) The "Reinicializar()" method in the "ActiveScan.1" ActiveX control allows rebooting the system when invoked. This can be exploited by e.g. a malicious website to reboot a user's system without any user confirmation.
2) The "ObtenerTamano()" method in the "PAVPZ.SOS.1" ActiveX control returns the file size of a given local filename. This can be exploited by e.g. a malicious website to determine the presence of local files and the corresponding file sizes.
3) The "Analizar()" method in the "ActiveScan.1" ActiveX control is not thread safe. This can be exploited by e.g. a malicious website via a race condition to corrupt memory and execute arbitrary code.
The vulnerabilities are confirmed in version 5.53.00. Other versions may also be affected.
Solution: Update to version 5.54.01.
http://www.pandasoftware.com/products/ActiveScan.htm
http://secunia.com/advisories/21763/
TITLE:
Outpost Firewall Pro Hooked Functions Denial of Service
SECUNIA ADVISORY ID:
SA22913
VERIFY ADVISORY:
http://secunia.com/advisories/22913/
CRITICAL:
Not critical
IMPACT:
DoS
WHERE:
Local system
SOFTWARE:
Outpost Firewall Pro 4.x
http://secunia.com/product/12472/
DESCRIPTION:
Matousec has discovered a vulnerability in Outpost Firewall Pro,
which can be exploited by malicious, local users to cause a DoS
(Denial of Service).
The vulnerability is caused due to an error within Sandbox.sys when
handling the parameters of certain hooked functions. This can be
exploited to cause a DoS by calling NtAssignProcessToJobObject,
NtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver,
NtOpenProcess, NtProtectVirtualMemory, NtReplaceKey,
NtTerminateProcess, NtTerminateThread, NtUnloadDriver, and
NtWriteVirtualMemory with specially crafted parameters.
The vulnerability is confirmed in version 4.0.971.7030 (584). Other
versions may also be affected.
SOLUTION:
Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
Matousec Transparent Security
ORIGINAL ADVISORY:
Matousec Transparent Security:
http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php