CIS 4.1 scored 320/340 on leak test

lironjan · June 3, 2010, 5:54am

Hello everyone,

I test the sandbox using CLT ver 1.1.0.3. 2 vulnerables:
I got an alert that tells me about unlimited access and I press “Sandbox”

Impersonation: DDE Vulnerable
Impersonation: Coat Vulnerable

Without the sandbox I got 330/340 on “Safe Mode”

Impersonation: Coat Vulnerable

JoWa · June 3, 2010, 6:40am

Sandbox enabled: 330/340
24. Impersonation: DDE Vulnerable

Sandbox disabled: 340/340

XP SP3

lironjan · June 3, 2010, 6:49am

your settings? BTW: I’m using XP SP2, is that really matter?

JoWa · June 3, 2010, 6:59am

Proactive Security, Safe Mode (FW/D+).

lironjan · June 3, 2010, 7:50am

after reinstalling CIS in Proactive Security I tried again and the same resulst happaned.

May it be because I have IE 6 (maybe self-defence)?

languy99 · June 3, 2010, 7:55am

I think this is just a glich in the sandbox, when I ran the sandbox in the pre-release version it blocked everything in CLT. I have a feeling with making it more compatible sometimes other things go wacky. I’m sure it will get fixed in future releases.

lironjan · June 3, 2010, 8:24am

Can Comodo publish the pre-realease version so I can test it?

Raph4 · June 3, 2010, 9:04am

all it’s ok here. 340/340

ps: on Windows 7 x64

[attachment deleted by admin]

iroc9555 · June 3, 2010, 5:07pm

Hi guys.

Same here. Running XP pro_86 Spk3. CFW 4.1 Firewall in safe mode and D+ in safe mode. Sand-boxed CLT.exe. Ran test and blocked all pop-ups. I get Impersonation: DDE vulnerable.

@ languy99.
I watched your video with early version of 4.1. Nice work. I was still running 3.14 and that is why I decided to try V.4.1; However, this V. 4.1.xxxxx.916 is not entirely bug free.

[attachment deleted by admin]

lironjan · June 3, 2010, 5:55pm

you are lucky, I got 25. Impersonation: Coat Vulnerable with sandbox off and D+ in safe mode…
it looks like I am the only one with this bug…

MOVEAX · June 3, 2010, 6:01pm

https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html;msg401479#msg401479

lironjan · June 3, 2010, 6:09pm

Hi MOVEAX,

thanks, at least now it will be watched. I had also 340/340 on earlier versions.

nalacknick · June 3, 2010, 7:38pm

Win XP sp2
latest 4.1 CIS

I tested 4.1 using CLT ver 1.1.0.3. 2
running in “Sandbox”

Impersonation: DDE Vulnerable
Impersonation: Coat Vulnerable
Highjacking: activedesktop Error
Score 310/340

Sandbox disabled

Impersonation: Coat Vulnerable
Highjacking: activedesktop Error
Score 320/340

CIS 3.14 used to get 340/340

Devs please can you look into this

Chiron494 · June 3, 2010, 9:09pm

I am in Proactive Security, Windows 7 x64. I have all boxes checked under the Sandbox tab.

When I get the elevated priviliges I choose to run CLT Sandboxed. I choose the block option in all popups I get.

I fail the following tests:

Impersonation: ExplorerAsParent

Impersonation: DDE

Impersonation: Coat

CLT is also able to open two instances of Internet Explorer, which was not open when I started the test. One of these has one tab open and says “Connecting…”, but nothing happens.
In the second instance it opens 3 tabs. The first is Blank, the second is this http://www.comodo.com/images/style/logo.gif
and the third displays my results.
Like I said, I chose to block any alerts I received. What am I doing wrong? Thanks.

Oh, and if I disable the Sandbox I pass all tests.

Edit: I just noticed that I get a warning for Comodo Logo. This pic is also now attached.

[attachment deleted by admin]

lironjan · June 4, 2010, 5:33am

It seem like the bug appears in XP SP2.

nalacknick · June 4, 2010, 6:24am

Looking at previous postings I don’t think it is only a sp2 problem. I think there may be more to it than that??

lironjan · June 4, 2010, 7:10am

I relate to the bug without the Sandbox.

my system is XP sp 2 and also yours. other peaple report that they had 340/340 on other systems (win 7 for example) the only person who didn’t report his OS is MOVEAX.

JoWa also report that his OS is XP SP 3 and has 340/340 without the Sandbox, with it it’s 330/340.
The vulnerables with the Sandbox indicate that the Sandbox is not bug free, but what that disturbing are the results without the Sandbox.

Maxxwire · June 4, 2010, 8:20pm

After I saw your video demonstration of the pre-release v4.1 showing that it scored 340/340 on the CLT with default settings I downloaded and installed it on my Vista computer on the day of its release only to get a dismal 120/340 score with the default settings. After the auto detection was disabled in the Sandbox v4.1 scored 320/340 and finally a perfect 340/340 with the Sandbox disabled. As soon as the bugs are worked out I plan on doing a permanent upgrade from the ever faithful and always perfect scoring v3.14.

~Maxx~

[attachment deleted by admin]

nalacknick · June 4, 2010, 8:27pm

I just updated my xp to sp3 and CLT still failed on no.25 and 34. I tried lots of variations (paranoid mode - pro acitve security - sandbox on and off) but still no joy. The best result was with sandbox disabled. I don’t know why my no.34 active desktop keeps saying Error though? I even uninstalled CLT and reinstalled but still came up with same results.
So for me it’s not just win XP sp2 related as I still don’t pass CLT with sp3 either

Jemcik · June 4, 2010, 9:18pm

Perfect, Comodo, as good, as it can be
340/340!

[attachment deleted by admin]