Source:
http://secunia.com/advisories/10921/
ZoneAlarm SMTP Processing Buffer Overflow Vulnerability
Secunia Advisory: SA10921
Release Date: 2004-02-19
Critical: Highly critical
Impact: System access
Where: From remote
Software:
Zone Labs Integrity 4.x
ZoneAlarm 4.x
ZoneAlarm Plus 4.x
ZoneAlarm Pro 4.x
Description:
eEye has discovered a vulnerability in ZoneAlarm and Integrity client,
allowing malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the SMTP
processing system. This can be exploited automatically without any
user interaction if the SMTP service is active on a protected system.
Successful exploitation allows execution of arbitrary code with SYSTEM
privileges.
The vulnerability has been reported to affect version 4.x. Prior
versions are not vulnerable.
Solution:
Update to the following versions:
* ZoneAlarm (Free, Plus, Pro) version 4.5.538.001
* Integrity client version 4.0.146.046
* Integrity client version 4.5.085
Provided and/or discovered by:
eEye Digital Security
Original Advisory:
http://download.zonelabs.com/bin/fr...ert/8.html
A vulnerability has been detected in ZoneAlarm (firewall) which, if
exploited, could obtain system privileges (SYSTEM).
A patch for this already exists for the ZoneAlarm 4.x versions
(Pro/Plus/Free).
Recommendation:
Update as soon as possible to the new version that fixes this
vulnerability, 4.5.538.001, at the following link: www.zonelabs.com
Ille Corvus. Hic et Nunc.
Deserving of Filtering (Kill-file):
jm tella llop (2003.10.25)