Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Outpost防火墙文件链接绕过安全保护机制漏洞
Vulnerability Description
Outpost Firewal Pro是一款小巧的网络防火墙软件,包括了广告和图片过滤、内容过滤、DNS缓存等功能。 Outpost使用各种SSDT钩子保护其安装目录中的文件和目录,但在实现这种保护时无法防范恶意的应用程序调用原始API ZwSetInformationFile类FileLinkInformation,这允许攻击者在调用该函数时替换系统没有使用的文件。Outpost安装目录中的一个有漏洞文件为SandBox.sys。攻击者可以使用伪造的拷贝替换这个驱动,而在下一次重启的时候系统就会加载这个
CVSS Information
N/A
Vulnerability Type
N/A