Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4216

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2007-4216
Last Modified 10 Mar 2011 12:00:00
Published 21 Aug 2007 01:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4216

Summary

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations.

Vulnerable Systems

Application

  • Checkpoint Zonealarm 5.0.63.0

  • Checkpoint Zonealarm 6.1.744.001

  • Checkpoint Zonealarm 7.0.337.0


References

XF - zonealarm-vsdatant-privilege-escalation(36107)

VUPEN - ADV-2007-2929

BID - 25377

BID - 25365

BUGTRAQ - 20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities

MISC - http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53

SECTRACK - 1018589

SECUNIA - 26513

IDEFENSE - 20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities


Last Updated: 27 May 2016 10:45:48