-
April 17th, 2004, 07:27 PM
#1
ZoneAlarm possible vulnerability
A new vulnerability has been discovered and slightly tested concerning the email protection in ZoneAlarm. Feel free to try this and comment on your findings.
Some languages contain letters with roof characters (c - è, s - š, z -
ž). If the name of e-mail attachment has any of these letters, it will allow any type of file attachment to bypass the firewall and bypass being quarantined. This will allow attackers to email .exe attachments without ZA picking it up and quarantineing it.
Zone Labs has been notified but has not responded as of yet.
Vulnerability originally discovered by Damjan Kreft.
xmaddness
Planet Maddness Industries
http://www.planetmaddness.com
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|