Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load)

From: bipin gautam <visitbipin () yahoo com>
Date: Mon, 23 Aug 2004 07:34:27 -0700 (PDT)

--- Barrie Dempster <barrie () reboot-robot net> wrote:


In reply to my own previous email, I assumed ZA
would fail, as others
have on this list, with an EVERYONE:DENY security
policy, however this
isn't the case.
ZA 5.1 PRO Trial version will change this to
EVERYONE:FULL for the
duration of the program after which it will then
change these settings
back to the original EVERYONE:DENY. This throws out
the DoS theory, but
the permissions are still extremely permissive, if
the "truevector
driver" was to have issues with it's integrity
checks then the files in
this folder would be easily compromised.



not really, just simply, go to  internet log directory
and , do

..\..\Internet Logs\>attrib/s +h +s +r +a *.*

next time Zap'S "truevector driver" will fail to load.
when the pc reboots or zap restarts...

bipin

ps: thanks for the 'Rant's-&-Raves' regarding NTFS (O; 


                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: