Re: Huge vulnerability in Zone Alarm (all versions)

From: Mimic (null_at_void.net)
Date: 02/19/04 

Date: Thu, 19 Feb 2004 22:44:21 -0000

"Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message
news:419D89C5.373B004C@yahoo.com...
>
>
> mdb wrote:
>
> > On 17 Feb 2004 19:36:35 GMT, donutbandit <none@none.com> wrote:
> >
> > >http://www.eeye.com/html/Research/Upcoming/20040213-2.html
> >
> > From the Zone Labs site:
> >
> > "A security vulnerability exists in specific versions of ZoneAlarm,
> > ZoneAlarm Pro, ZoneAlarm Plus and the Zone Labs Integrity client. This
> > vulnerability is caused by an unchecked buffer in Simple Mail Transfer
> > Protocol (SMTP) processing which could lead to a buffer overflow. In
> > order to exploit the vulnerability without user assistance, the target
> > system must be operating as an SMTP server. Zone Labs does not
> > recommend using our client security products to protect servers."
> >
> > http://download.zonelabs.com/bin/free/securityAlert/8.html
> >
> > I think calling this a 'Huge vulnerability' is bit of an exaggeration.
>
> Been using many versions of Zone Alarm and no hacker has penitrated our
> computers as of yet.
> Visit my website at http://www.geocities.com/hacking_internet_secrets
>
> Tracker
>

Yeah, the worlds dumbest person is back wh00t wh00t. 

--
Mimic
ZGF0YWZsZXhAY2FubmFiaXNtYWlsLmNvbQ==  ( www.hidemyemail.net )
"Without knowledge you have fear. With fear you create your own nightmares."
"Alzheimer's, cheaper than rohypnol"
"There are 10 types of people in the world. Those that understand Binary,
and those that dont."
"He who controls Google, controls the world".

Relevant Pages