Description
Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.
Affected products
- Comodo / comodo_firewall_pro2.4.16.174 – 2.4.16.174
- Comodo / comodo_firewall_pro2.4.17.183 – 2.4.17.183
- Comodo / comodo_firewall_pro2.4.18.184 – 2.4.18.184
References
- MISChttp://www.securityfocus.com/bid/22775
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/32771
- MISChttp://securityreason.com/securityalert/2388
- MISChttp://www.securityfocus.com/archive/1/461635/100/0/threaded
- VENDOR_ADVISORYhttp://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php
- MISChttp://osvdb.org/34957