<<< Date Index >>>     <<< Thread Index >>>

Re: Multiple Firewall Products Bypass Vulnerability



On 2005-01-03 Ferruh Mavituna wrote:
> -------------------------------------------------------------------
> Multiple Firewall Products Bypass Vulnerability 
> -------------------------------------------------------------------
> Online URL            : http://ferruh.mavituna.com/article/?769
> Download POC  : http://ferruh.mavituna.com/opensource/firewallbypass.zip
> (Also I attached vbs files as txt, one of them is -mousecontrol.txt-
> vb.net source code)
> 
> This is a generic problem of common Personal Firewall products which
> are accept shortcuts or provide an interface that enables to click
> without require a password for controlled actions (acting as server
> -listening ports-, executing another program, connecting to another
> computer etc.).

There was a demonstration of this very problem on a lecture the Chaos
Computer Club Ulm held on December 13th at the University of Ulm. We had
two sample applications to circumvent Kerio and Nortion Personal
Firewalls. During this lecture we also demonstrated how a malicious
application could establish a remote shell without any Personal Firewall
taking notice.

http://www.ulm.ccc.de/chaos-seminar/personal-firewalls/

Up to now the page is only available in german, sorry.

Regards
Ansgar Wiechers
-- 
"Those who would give up liberty for a little temporary safety
deserve neither liberty nor safety, and will lose both."
--Benjamin Franklin