mailing list archives
FreezeX file access vulnerability
From: Xenzeo <xenzeo () blackhat dk>
Date: Mon, 20 Dec 2004 21:02:08 +0100
Faronics FreezeX v. 1.00.100.0666
FreezeX is a program that promise, it can prevent executable files from
beeing run on windows OS.
FreezeX has a database of every file from when it was installed (db.fzx)
this file i located in C:\Program Files\Faronics\FreezeX\db.fzx, this
file seems inaccessable, when trying accessing this directory, windows
reports Access Denied from "dos" and windows.
Though one with administrative access can simply overwrite this file
with misc data, resulting in killing FreezeX
Proof Of Concept:
C:\> echo "diediedie" > C:\Program Files\Faronices\Freezex\db.fzx
Reboot windows, and FreezeX can no longer determine what
files have permission to be run, and needs to be reinstalled
to work again.
Faronics know of this and promises it will be fixed shortly.
Full-Disclosure - We believe in it.
- FreezeX file access vulnerability Xenzeo (Dec 22)