lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <40D6510F.5050001@kurczaba.com>
Date: Sun, 20 Jun 2004 23:07:59 -0400
From: Kurczaba Associates advisories <advisories@...czaba.com>
To: bugtraq@...urityfocus.com
Subject: ZoneAlarm Pro 'Mobile Code' Bypass Vulnerability


ZoneAlarm Pro 'Mobile Code' Bypass Vulnerability

http://www.kurczaba.com/securityadvisories/0406214.htm
-------------------------------------------------------------

Vulnerability ID Number:
0406214

Overview:
A vulnerability has been found in the 'Mobile Code' filter in ZoneAlarm Pro

Vendor:
ZoneLabs (http://www.zonelabs.com)

Affected Systems/Configuration:
This test was done on a Windows XP Professional machine, running ZoneAlarm Pro 5.0.590.015. The Internet Explorer version is 6, with all patches.

Vulnerability/Exploit:
The new version of ZoneAlarm Pro features "Mobile Code" blocking, which blocks potentially dangerous web objects such as ActiveX, Java Applets, and certain MIME objects. The filter blocks out any "application/*" MIME type. The "Mobile Code" filter integrates with Internet Explorer.

Unfortunately, the "Mobile Code" filter does not filter SSL content. A malicious person could lure a ZoneAlarm Pro user to a malicious SSL site with dangerous "Mobile Code" content; and ZoneAlarm Pro would not filter the "Mobile Code".

Workaround:
None so far.

Date Discovered:
June 21, 2004

Severity:
Medium

Credit:
Paul Kurczaba
Kurczaba Associates
http://www.kurczaba.com/
Visit http://www.kurczaba.com for mailing lists in Security, Encryption, Wireless, MS-Security, and Production Security.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ