Sign-up

ID

VAR-201101-0025


CVE

CVE-2011-0652


TITLE

Look 'n' Stop Firewall of lnsfw1.sys Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-004198

DESCRIPTION

lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IOCTL request that triggers an assertion failure. NOTE: some of these details are obtained from third party information. Look 'n' Stop Firewall is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause the affected application to stop. Look 'n' Stop Firewall 2.06 and 2.07 are vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Look 'n' Stop Firewall IOCTL Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43044 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43044/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43044 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43044/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43044/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43044 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Look 'n' Stop Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "lnsfw1.sys" driver when handling the 80000064h IOCTL. This can be exploited to cause an assertion error and crash the kernel via a specially crafted input buffer passed to the IOCTL. The vulnerability is confirmed in version 2.07. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Heurs OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2011-0652 // JVNDB: JVNDB-2011-004198 // BID: 45949 // VULHUB: VHN-48597 // PACKETSTORM: 97879

AFFECTED PRODUCTS

vendor:looknstopmodel:look \'n\' stop firewallscope:eqversion:2.06

Trust: 1.6

vendor:looknstopmodel:look \'n\' stop firewallscope:eqversion:2.07

Trust: 1.6

vendor:looknstopmodel:look 'n' stop firewallscope:eqversion:2.06p4 and 2.07

Trust: 0.8

vendor:lookmodel:'n' stop look 'n' stop firewallscope:eqversion:2.07

Trust: 0.3

vendor:lookmodel:'n' stop look 'n' stop firewallscope:eqversion:2.06

Trust: 0.3

sources: BID: 45949 // JVNDB: JVNDB-2011-004198 // CNNVD: CNNVD-201101-392 // NVD: CVE-2011-0652

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-0652
value: LOW

Trust: 1.0

NVD: CVE-2011-0652
value: LOW

Trust: 0.8

CNNVD: CNNVD-201101-392
value: LOW

Trust: 0.6

VULHUB: VHN-48597
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2011-0652
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-48597
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-48597 // JVNDB: JVNDB-2011-004198 // CNNVD: CNNVD-201101-392 // NVD: CVE-2011-0652

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-48597 // JVNDB: JVNDB-2011-004198 // NVD: CVE-2011-0652

THREAT TYPE

local

Trust: 1.0

sources: BID: 45949 // PACKETSTORM: 97879 // CNNVD: CNNVD-201101-392

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201101-392

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-004198

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-48597

PATCH
title:Top Pageurl:http://www.looknstop.com/En/index2.htm
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-004198

EXTERNAL IDS
db:NVDid:CVE-2011-0652
Trust: 2.8
db:BIDid:45949
Trust: 2.0
db:SECUNIAid:43044
Trust: 1.8
db:OSVDBid:70638
Trust: 1.7
db:EXPLOIT-DBid:16021
Trust: 1.7
db:JVNDBid:JVNDB-2011-004198
Trust: 0.8
db:CNNVDid:CNNVD-201101-392
Trust: 0.7
db:XFid:64851
Trust: 0.6
db:SEEBUGid:SSVID-70597
Trust: 0.1
db:VULHUBid:VHN-48597
Trust: 0.1
db:PACKETSTORMid:97879
Trust: 0.1
sources:
            
            
            VULHUB: VHN-48597 // 
            
            
            
            BID: 45949 // 
            
            
            
            JVNDB: JVNDB-2011-004198 // 
            
            
            
            PACKETSTORM: 97879 // 
            
            
            
            CNNVD: CNNVD-201101-392 // 
            
            
            
            NVD: CVE-2011-0652

REFERENCES
url:http://www.securityfocus.com/bid/45949
Trust: 1.7
url:http://www.exploit-db.com/exploits/16021
Trust: 1.7
url:http://osvdb.org/70638
Trust: 1.7
url:http://secunia.com/advisories/43044
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/64851
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0652
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0652
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/64851
Trust: 0.6
url:http://www.looknstop.com/en/index2.htm
Trust: 0.3
url:http://secunia.com/products/corporate/evm/
Trust: 0.1
url:http://secunia.com/advisories/43044/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=43044
Trust: 0.1
url:http://secunia.com/products/corporate/vim/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/43044/#comments
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-48597 // 
            
            
            
            BID: 45949 // 
            
            
            
            JVNDB: JVNDB-2011-004198 // 
            
            
            
            PACKETSTORM: 97879 // 
            
            
            
            CNNVD: CNNVD-201101-392 // 
            
            
            
            NVD: CVE-2011-0652

CREDITS
Heurs
Trust: 0.3
sources:
            
            
            BID: 45949

SOURCES
db:VULHUBid:VHN-48597
db:BIDid:45949
db:JVNDBid:JVNDB-2011-004198
db:PACKETSTORMid:97879
db:CNNVDid:CNNVD-201101-392
db:NVDid:CVE-2011-0652

LAST UPDATE DATE
2025-04-11T23:16:48.690000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-48597date:2017-08-17T00:00:00
db:BIDid:45949date:2015-04-13T21:01:00
db:JVNDBid:JVNDB-2011-004198date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201101-392date:2011-02-11T00:00:00
db:NVDid:CVE-2011-0652date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-48597date:2011-01-28T00:00:00
db:BIDid:45949date:2011-01-21T00:00:00
db:JVNDBid:JVNDB-2011-004198date:2012-03-27T00:00:00
db:PACKETSTORMid:97879date:2011-01-26T01:25:39
db:CNNVDid:CNNVD-201101-392date:2011-01-30T00:00:00
db:NVDid:CVE-2011-0652date:2011-01-28T16:00:04.987