Full Disclosure mailing list archives
Re: Different Claims by ZoneLabs on the "Bypassing PersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue
From: Paul Laudanski <zx () castlecops com>
Date: Sun, 2 Oct 2005 14:13:17 -0400 (EDT)
On Sun, 2 Oct 2005, Debasis Mohanty wrote:
> Note: This response is especially towards Zone Labs Advisory on "Bypassing PersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue.
>
> Hi,
>
> In your advisory (http://download.zonelabs.com/bin/free/securityAlert/35.html) regarding this issue, you have mentioned that only the Free Version of ZA is vulnerable and ZA Pro is in the un-affected list. Without downplaying your advisory on this issue, I want to confirm that I have tested this for ZA Pro 3.7.159 and found vulnerable. Although the current version (6.0) is not vulnerable.
>
> IMHO it will be a big mistake to consider all versions of Zone Alarm Pro is un-affected. ZoneLabs advisory on this is only valid for the current version (6.0) of ZA Pro which I have tested and found it to be unaffected.
Again, the ZAP report by the vendor indicates and I quote:

^^^
ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Wireless Security, and ZoneAlarm Security Suite version 6.0 or later automatically protect against this attack in the default configuration.

ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Wireless Security, and ZoneAlarm Security Suite version 5.5 are protected against this attack by enabling the "Advanced Program Control" feature.

Check Point Integrity client versions 6.0 and 5.1 are protected against this attack by enabling the "Advanced Program Control" feature.
^^^

This does not include the version 3.7.159 you are testing. In my interpretation of the report the vendor is not stating that said version is "unaffected". Ergo... time to upgrade!

--
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/