CVE-2007-0333 Information

Description

Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product’s installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function as demonstrated by modifying SandBox.sys.

Reference

http://osvdb.org/33480 http://securityreason.com/securityalert/2163 http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php http://www.securityfocus.com/archive/1/456973/100/0/threaded http://www.securityfocus.com/bid/22069 https://exchange.xforce.ibmcloud.com/vulnerabilities/31529