CVE-2007-0333

Name of the Vulnerable Software and Affected Versions: Agnitum Outpost Firewall PRO version 4.0

Description: The issue allows local users to bypass access restrictions. This is achieved by creating links using FileLinkInformation requests with the ZwSetInformationFile function. It has been demonstrated that this can be used to insert Trojan horse drivers into the product's installation directory, such as modifying SandBox.sys.

Recommendations: For Agnitum Outpost Firewall PRO version 4.0, consider restricting access to the installation directory to prevent unauthorized modifications until a fix is available. As a temporary workaround, avoid using the ZwSetInformationFile function for creating links with FileLinkInformation requests.