lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Sep 2005 17:54:36 -0400 (EDT) From: Paul Laudanski <zx@...tlecops.com> To: Debasis Mohanty <mail@...kingspirits.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com, warl0ck@...uxmail.org Subject: RE: Re: Bypassing Personal Firewall (Zone Alarm Pro)Using DDE-IPC On Sat, 1 Oct 2005, Debasis Mohanty wrote: > Paul Laudanski wrote: > >> This "exploit" was tested by members at CastleCops and found to be > untrue: > > Unfortunately not !! Besides Zone Alarm free version it has been tested for > ZA Pro 3x and it works like a charm. Again Symantec SecurityFocus has > probably tested this for ZA Pro 5.1. so they have mentioned the vulnerable > version here http://securityfocus.com/bid/14966 If you're still using version 3 its time to upgrade. There is a version 6 out now. And in their press release, only the free is affected. -- Paul Laudanski, Microsoft MVP Windows-Security CastleCops(SM), http://castlecops.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists