[Vulnerability] ZoneAlarm 4.x (buffer overflow)

19/02/2004 - 17:14 by Ille Corvus
Source: http://secunia.com/advisories/10921/

ZoneAlarm SMTP Processing Buffer Overflow Vulnerability

Secunia Advisory: SA10921
Release Date: 2004-02-19

Critical: Highly critical
Impact: System access
Where: From remote

Software:
Zone Labs Integrity 4.x
ZoneAlarm 4.x
ZoneAlarm Plus 4.x
ZoneAlarm Pro 4.x


Description:
eEye has discovered a vulnerability in ZoneAlarm and Integrity client,
allowing malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the SMTP
processing system. This can be exploited automatically without any
user interaction if the SMTP service is active on a protected system.

Successful exploitation allows execution of arbitrary code with SYSTEM
privileges.

The vulnerability has been reported to affect version 4.x. Prior
versions are not vulnerable.

Solution:
Update to the following versions:

* ZoneAlarm (Free, Plus, Pro) version 4.5.538.001
* Integrity client version 4.0.146.046
* Integrity client version 4.5.085

Provided and/or discovered by:
eEye Digital Security

Original Advisory:
http://download.zonelabs.com/bin/fr...ert/8.html


A vulnerability has been detected in ZoneAlarm (firewall) that, if
exploited, could gain system (SYSTEM) privileges.

A patch for it already exists for the ZoneAlarm 4.x versions
(Pro/Plus/Free).

Recommendation:
Update as soon as possible to the new version that fixes this
vulnerability, 4.5.538.001, at the following link: www.zonelabs.com




Ille Corvus. Hic et Nunc.

Worthy of Filtering (Kill-file):
jm tella llop (2003.10.25)
 


#1 JM Tella Llop [MVP Windows]
19/02/2004 - 17:48
How strange... isn't it?...

And then on top of that you criticize when I recommend using the only one in which no vulnerabilities have been found in the two years it has been out: the one built into XP.

I repeat... the "only" one.

Jose Manuel Tella Llop
MVP - Windows

http://www.multingles.net/jmt.htm
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.