CVE-2007-0709

Comodo Firewall Pro (formerly Comodo Personal Firewall) versions 2.4.16.174 and earlier are affected by CVE-2007-0709 due to insufficient validation of user-mode arguments for hooked SSDT functions (NtCreateSection, NtOpenProcess, NtOpenSection, NtOpenThread, NtSetValueKey). The underlying issue ...

CVE-2007-0708

Affected software : Comodo Firewall Pro (formerly Comodo Personal Firewall) prior to 2.4.16.174. Vulnerable component / root cause : cmdmon.sys, with insufficient validation of user-mode arguments for the hooked SSDT functions NtConnectPort and NtCreatePort. Impact : local users can trigger a den...

Comodo防火墙cmdmon.sys驱动多个本地拒绝服务漏洞

Comodo是一款功能强大的个人防火墙。 Comodo防火墙的cmdmon.sys驱动程序在处理系统调用参数时存在漏洞，本地攻击者可能利用此漏洞导致拒绝服务。 Comodo防火墙HOOK了很多SSDT中的函数，其中至少有7种情况没有验证用户态的参数。由于cmdmon.sys驱动中的错误，在调用NtConnectPort、NtCreatePort、NtCreateSection、NtOpenProcess、NtOpenSection、NtOpenThread和NtSetValueKey时可能会导致拒绝服务。 Comodo Personal Firewall 2.3.6.81 Comodo...

[Full-disclosure] Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability

Hello, We would like to inform you about a vulnerability in Comodo Firewall Pro. Description: Comodo Firewall Pro former Comodo Personal Firewall hooks many functions in SSDT and in at least seven cases it fails to validate arguments that come from the user mode. User calls to NtConnectPort CFP...

Comodo Firewall Pro privilege escalation

Insufficient filtering of hooked SSDT functions potentially allows code execution in system content...

Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities

Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities // source: https://www.securityfocus.com/bid/22357/info Comodo Firewall is prone to multiple denial-of-service vulnerabilities because it fails to adequately validate user supplied data. Exploiting these issues may perm...

Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities

// source: https://www.securityfocus.com/bid/22357/info Comodo Firewall is prone to multiple denial-of-service vulnerabilities because it fails to adequately validate user supplied data. Exploiting these issues may permit attackers to cause system crashes and deny service to legitimate users...

CVE-2006-6620

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block PEB to identify a process, which allows local users to bypass the product's controls on a process by spoofing the 1 ImagePathName, 2 CommandLine, and 3 WindowTitle fields in the PEB...

CVE-2006-6620

CVE-2006-6620 affects Comodo Personal Firewall 2.3.6.81, which relies on the Process Environment Block (PEB) to identify a process. This allows local users to bypass the product’s controls on a process by spoofing the PEB fields (ImagePathName, CommandLine, WindowTitle). The provided documents do...

CVE-2006-6620

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block PEB to identify a process, which allows local users to bypass the product's controls on a process by spoofing the 1 ImagePathName, 2 CommandLine, and 3 WindowTitle fields in the PEB...