Description
Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
Affected products
- Comodo / comodo_firewall_pro2.4.17.183
References
- MISChttp://securityreason.com/securityalert/2279
- MISChttp://www.securityfocus.com/archive/1/460209/100/100/threaded
- MISChttp://osvdb.org/45243
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/32530
- VENDOR_ADVISORYhttp://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-function-exploitation.php
- MAILING_LISThttp://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html