Security Bypass in Comodo Firewall Pro Affecting Local User Protections
CVE-2007-1051

Currently unrated

Key Information:

Vendor: Comodo
Status: Comodo Firewall Pro
Vendor: CVE Published:; 21 February 2007

What is CVE-2007-1051?

Comodo Firewall Pro versions 2.4.17.183 and earlier utilize the weak CRC32 cryptographic hashing function to identify trusted modules. This vulnerability enables local users to replace legitimate modules with modified versions that possess identical CRC32 values, effectively bypassing the intended security measures of the firewall. As a result, unauthorized modifications can compromise the system's integrity and security controls, allowing for potential exploitation by malicious actors.

References

http://securityreason.com/securityalert/2279

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/460209/100/100/thr...

mailing-listx_refsource_BUGTRAQ

http://osvdb.org/45243

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 21, 2007
Vulnerability Reserved
Feb 21, 2007