Bugtraq mailing list archives
Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC
From: Paul Laudanski <zx () castlecops com>
Date: Thu, 29 Sep 2005 17:41:13 -0400 (EDT)
On 29 Sep 2005 warl0ck () linuxmail org wrote:
It is issue with almost all the firewalls firewalls don't protect the running applications themselves.I think i don't get is what does it have to do with DDE ?.Also one can read firewall ACL from the settings and inject code into the running trusted process.
This "exploit" was tested by members at CastleCops and found to be untrue: http://castlecops.com/postlite134369-.html Snapshots also provided. -- Paul Laudanski, Microsoft MVP Windows-Security CastleCops(SM), http://castlecops.com
Current thread:
- Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC Debasis Mohanty (Sep 28)
- <Possible follow-ups>
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC warl0ck (Sep 29)
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC Paul Laudanski (Sep 30)