Full Disclosure mailing list archives
RE: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load)-WASTE OF TIME
From: "Cassidy Macfarlane" <cmacfarlane () Drummond-Miller co uk>
Date: Mon, 23 Aug 2004 16:20:13 +0100
ffs Open a cmd, type 'format c: /y' Omg, phone billy g, it's a massive DoS/vuln. Get a grip bipin. If a malicious user has command line access to your system, 'zonealarm' is the last thing you should be worrying about. -----Original Message----- From: bipin gautam [mailto:visitbipin () yahoo com] Sent: 23 August 2004 15:34 To: barrie () reboot-robot net Cc: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) --- Barrie Dempster <barrie () reboot-robot net> wrote:
In reply to my own previous email, I assumed ZA would fail, as others have on this list, with an EVERYONE:DENY security policy, however this isn't the case. ZA 5.1 PRO Trial version will change this to EVERYONE:FULL for the duration of the program after which it will then change these settings back to the original EVERYONE:DENY. This throws out the DoS theory, but the permissions are still extremely permissive, if the "truevector driver" was to have issues with it's integrity checks then the files in this folder would be easily compromised.
not really, just simply, go to internet log directory and , do ..\..\Internet Logs\>attrib/s +h +s +r +a *.* next time Zap'S "truevector driver" will fail to load. when the pc reboots or zap restarts... bipin ps: thanks for the 'Rant's-&-Raves' regarding NTFS (O; __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load)-WASTE OF TIME Cassidy Macfarlane (Aug 23)