| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Apr 2004 01:39:49 -0300 From: "Pablo G. Sabbatella" <pgs@...ozene.com.ar> To: "Damjan Kreft" <damjan.kreft@...l.net> Cc: bugtraq@...urityfocus.com Subject: Re: ZA Security Hole Damjan, I have just tested it in Zone Alarm Pro 4.5.538.001 and it worked exactly as you said it would, its vulnerable . hope they patch it soon... greets -- Pablo G. Sabbatella <pgs@...ozene.com.ar> http://www.kerozene.com.ar/ ------------- Reply separator ---------------- Wednesday, April 14, 2004, 5:44:50 PM, usted escribió: DK> Hello! DK> I think, I discover some kind of security hole in ZoneAlaram - any version. DK> The problem is hidding in E-mail Protection. Because I'm form Slovenia (not DK> Slovakia), our alphabet does have some letters with roof (c - č, s - š, z - DK> ž). And when the name of e-mail attachment contain any of these three DK> letters, it don't go to the qurarantine (if the attachment do have right DK> extension of course). I think that can be security threat. From this reason DK> I write to you. If this is mistake, I'm sorry to steal your time with this DK> e-mail. And sorry for my bad english :) DK> I write to ZA Labs too, but no answer. DK> Greets, Damjan
Powered by blists - more mailing lists