lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 2 Oct 2005 14:13:17 -0400 (EDT)
From: Paul Laudanski <zx@...tlecops.com>
To: Debasis Mohanty <mail@...kingspirits.com>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk,
	'Zone Labs Security Team' <security@...elabs.com>
Subject: Re: Different Claims by ZoneLabs on the "Bypassing
	PersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue


On Sun, 2 Oct 2005, Debasis Mohanty wrote:

> Note: 
> This respose is especially towards Zone Labs Advisory on "Bypassing
> PersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue. 
> 
> 
> Hi,
> In your advisory
> (http://download.zonelabs.com/bin/free/securityAlert/35.html) regarding this
> issue, you have mentioned that only the Free Version of ZA is vulnerable and
> ZA Pro is in the un-affected list. Without downplaying your advisory on this
> issue, I want to confirm that I have tested this for ZA Pro 3.7.159 and
> found vulnerable. Although the current version (6.0) is not vulnerable. 
> 
> IMHO It will be a big mistake to conscider all versions of Zone Alarm Pro is
> un-affected. ZoneLabs advisory on this is only valid for the current version
> (6.0) of ZA Pro which I have tested and found it to be unaffected. 

Again, the ZAP report by the vendor indicates and I quote:

^^^
ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Wireless Security, and 
ZoneAlarm Security Suite version 6.0 or later automatically protect 
against this attack in the default configuration. 

ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Wireless Security, and 
ZoneAlarm Security Suite version 5.5 are protected against this attack by 
enabling the .Advanced Program Control. feature. 

Check Point Integrity client versions 6.0 and 5.1 are protected against 
this attack by enabling the .Advanced Program Control. feature. 
^^^

This does not include the version 3.7.159 you are testing.  In my 
interpretation of the report the vendor is not stating that said version 
is "unaffected".   Ergo... time to upgrade!

-- 
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists