SECURITY ALERT: Browser + Windows vs. Outpost firewall (BUG) !
Saturday, 10. May 2008, 21:06:02
UPDATE: the page has been fixed (sometime between 10. & 12. May 2008)
and does no longer shoot-down Outpost.
----------------------------------------
Alert source: my self, I have observed it by random while browseing.
Recommendation: change Firewall and/or Operatingsystem till bugfix -> a browser
change makes NO sense, because ALL actual (and older) browsers are affected.
No other recommendations, because it can hit YOU everythere in the web.
The following Page (and some other -> example: some pages of www.myvideo.de)
causing firewall shoot-down without any warning and it successfully
functions with ALL actual browsers (including Opera)
"http://video.web.de/watch/4031536"
(normally no eavil page, but could be maipullated)-> NOTE: This page will shoot-down Outpost (Firewall) pro 2008! You can restart Outpost by logout and login as administrator >
Go: Start > Run > enter "services.msc" > select "Agnitum Client Security Service" and click at Start.
AFFECTED Software:
1. ANY actual Browser:
*Opera 9.27
*Opera 9.50 beta2 b9945
*Opera 9.50 beta b9972
*Safari 3.1.1 (525.17)
*FireFox 2.0.1.4
(FireFox 3 beta 5 is not tested, because two paralel installed
versions of FireFox causes heavy FireFox-Problems)
*SeaMonkey 1.1.9 (see FireFox)
*IE 7.0.5730.13 (up to date -> 08.05.2008)
(all 4 zones set to highest settings)
*eaven old browsers like opera 8.54
2. Windows XP SP2 and
Windows XP SP3 (both fully patched)
with IE 7 (7.0.5730.13 up to date)
(and possibly IE6 too -> untested)
Eaven when using an password protected
restricted user account.
(eaven when the most dangerous services
[like Upnp service] are deactivated)
INFO: Not tested with Windows VISTA.
3. Outpost pro 2008 (v6.0.2162.205.0402)
and possibliy other versions
Successfull (security-) Bug demonstration does NOT require:
-animated pictures
-Pictures
-Javascript
-Java
-Flash
-other plugins
-webpage sounds
-cookies
-referer
-ActiveX (IE only).
-Network/Internet-access of other applications
(including widows system applications).
-administrator-previleges.
-> an additional router-Firewall makes no difference!
See Picture: http://my.opera.com/masterofopera/albums/showpic.dml?album=517465&picture=7281930
Edit: Reported to Opera (bug-329284@...)
Reported to Agnitum (outpost)
Will report to Micro$oft when getting an E-Mail Adress, where I can report it
--------------------------------------------
NOT Affected (secure) :
Operamini 4.1 beta on Microemulator 2.0.2 with
java (JRE) 1.6 update 6 on WinXP SP2 & SP3
and does no longer shoot-down Outpost.
----------------------------------------
Alert source: my self, I have observed it by random while browseing.
Recommendation: change Firewall and/or Operatingsystem till bugfix -> a browser
change makes NO sense, because ALL actual (and older) browsers are affected.
No other recommendations, because it can hit YOU everythere in the web.
The following Page (and some other -> example: some pages of www.myvideo.de)
causing firewall shoot-down without any warning and it successfully
functions with ALL actual browsers (including Opera)
"http://video.web.de/watch/4031536"
(normally no eavil page, but could be maipullated)-> NOTE: This page will shoot-down Outpost (Firewall) pro 2008! You can restart Outpost by logout and login as administrator >
Go: Start > Run > enter "services.msc" > select "Agnitum Client Security Service" and click at Start.
AFFECTED Software:
1. ANY actual Browser:
*Opera 9.27
*Opera 9.50 beta2 b9945
*Opera 9.50 beta b9972
*Safari 3.1.1 (525.17)
*FireFox 2.0.1.4
(FireFox 3 beta 5 is not tested, because two paralel installed
versions of FireFox causes heavy FireFox-Problems)
*SeaMonkey 1.1.9 (see FireFox)
*IE 7.0.5730.13 (up to date -> 08.05.2008)
(all 4 zones set to highest settings)
*eaven old browsers like opera 8.54
2. Windows XP SP2 and
Windows XP SP3 (both fully patched)
with IE 7 (7.0.5730.13 up to date)
(and possibly IE6 too -> untested)
Eaven when using an password protected
restricted user account.
(eaven when the most dangerous services
[like Upnp service] are deactivated)
INFO: Not tested with Windows VISTA.
3. Outpost pro 2008 (v6.0.2162.205.0402)
and possibliy other versions
Successfull (security-) Bug demonstration does NOT require:
-animated pictures
-Pictures
-Javascript
-Java
-Flash
-other plugins
-webpage sounds
-cookies
-referer
-ActiveX (IE only).
-Network/Internet-access of other applications
(including widows system applications).
-administrator-previleges.
-> an additional router-Firewall makes no difference!
See Picture: http://my.opera.com/masterofopera/albums/showpic.dml?album=517465&picture=7281930
Edit: Reported to Opera (bug-329284@...)
Reported to Agnitum (outpost)
Will report to Micro$oft when getting an E-Mail Adress, where I can report it
--------------------------------------------
NOT Affected (secure) :
Operamini 4.1 beta on Microemulator 2.0.2 with
java (JRE) 1.6 update 6 on WinXP SP2 & SP3
(0%)
