I'm not sure I see why this is a vulnerability. Think about it, ZA has configurable settings for the Local zone "High" "Medium" and "Low". Each setting has bullets describing level of protection provided, so it shouldn't be any surprise. So, in a nutshell........ If you're worried about all of that, set it to "HIGH"!
If the Class B network thing is an issue, then the company or individual has to do some serious work on protecting their network. If you're allowing unsolicited traffic from an entire class B network that you DON'T own into your network, you deserve whatever is coming to you.
Sorry if I didn't explain it very thoroughly, but I didn't want to take up the whole thread. If there's anything I can clear up, let me know.................
