Vulnerability Name: CVE-2007-5040 (CCN-36667)
Assigned: 2007-09-18
Published: 2007-09-18
Updated: 2018-10-15
Summary: Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtCreateThread, (3) NtDeleteValueKey, (4) NtQueryValueKey, (5) NtSetSystemInformation, and (6) NtSetValueKey kernel SSDT hooks.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
  2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
  1.8 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:UR)
  6.1 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
Vulnerability Type: CWE-264 CWE-20
Vulnerability Consequences: Gain Privileges
References:
  Source: CCN Type: BugTraq Mailing List, Tue Sep 18 2007 - 11:26:12 CDT Plague in (security) software drivers & BSDOhook utility
  Source: MITRE Type: CNA CVE-2007-4967
  Source: MITRE Type: CNA CVE-2007-4968
  Source: MITRE Type: CNA CVE-2007-4969
  Source: MITRE Type: CNA CVE-2007-4970
  Source: MITRE Type: CNA CVE-2007-4971
  Source: MITRE Type: CNA CVE-2007-4972
  Source: MITRE Type: CNA CVE-2007-5039
  Source: MITRE Type: CNA CVE-2007-5040
  Source: MITRE Type: CNA CVE-2007-5041
  Source: MITRE Type: CNA CVE-2007-5042
  Source: MITRE Type: CNA CVE-2007-5043
  Source: MITRE Type: CNA CVE-2007-5044
  Source: MITRE Type: CNA CVE-2007-5047
  Source: SREASON Type: UNKNOWN 3161
  Source: CCN Type: Outpost Firewall PRO Web site Outpost Firewall PRO - Personal Firewall
  Source: CCN Type: ProcessGuard Web site Rootkit protection, stop the worst spyware trojans. DiamondCS ProcessGuard rootkit prevention
  Source: CCN Type: G DATA InternetSecurity 2007 Web site G Data Software AG
  Source: CCN Type: Ghost Security Suite Web site Ghost Security - Security Software, Freeware and Shareware
  Source: CCN Type: Kaspersky Internet Security Web site Antivirus Software: Kaspersky Lab - Protection Against CrimeWare
  Source: CCN Type: MatouSec Transparent Security Advisory 2007-09-18.01 Plague in (security) software drivers [SSDT hooking]
  Source: MISC Type: UNKNOWN http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
  Source: CCN Type: MatouSec Transparent Security Web site Plague in (security) software drivers
  Source: MISC Type: UNKNOWN http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
  Source: CCN Type: RegMon Web site RegMon for Windows v7.04
  Source: CCN Type: Process Monitor Web site Process Monitor v1.22
  Source: CCN Type: OSVDB ID: 37990 Kaspersky Multiple Products Multiple SSDT Functions Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45895 Ghost Security Suite SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45896 G DATA InternetSecurity SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45897 Symantec Norton Internet Security SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45898 ZoneAlarm Pro SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45899 Outpost Firewall Pro SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45951 Online Armor Personal Firewall SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45952 Privatefirewall SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45953 Process Monitor SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45954 ProcessGuard SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45956 ProSecurity SSDT Hooks Local Privilege Escalation
  Source: CCN Type: OSVDB ID: 45957 RegMon SSDT Hooks Local Privilege Escalation
  Source: CCN Type: ProSecurity Web site Prosecurity -- New&Proactive HIPS
  Source: BUGTRAQ Type: UNKNOWN 20070918 Plague in (security) software drivers & BSDOhook utility
  Source: CCN Type: BID-25705 G DATA Internet Security SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25709 Ghost Security Suite SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25711 Online Armor Personal Firewall SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25712 Privatefirewall SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25714 DiamondCS ProcessGuard SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25718 ProSecurity SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25719 Microsoft Process Monitor SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: BID-25721 Microsoft RegMon SSDT Hooks Multiple Local Vulnerabilities
  Source: CCN Type: Norton Internet Security 2008 Web site Norton Internet Security : Anti Virus Software - Anti Spyware
  Source: CCN Type: Online Armor Security Suite Web site Online Armor - Home
  Source: CCN Type: ZoneAlarm Pro Web site ZoneAlarm by Check Point - Award winning PC Protection, Antivirus, Firewall, Anti-Spyware, Identity Protection, and much more.
  Source: XF Type: UNKNOWN firewall-ssdt-privilege-escalation(36667)
  Source: CCN Type: Privatefirewall Web site Privatefirewall
Vulnerable Configuration: Configuration 1: Configuration CCN 1: Denotes that component is vulnerable