Full Disclosure mailing list archives
RE: Different Claims by ZoneLabs on the "BypassingPersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue
From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 3 Oct 2005 19:11:28 -0500
If a bulb in my car was found to cause a fire in certain models from a certain manufacturer, I would want to know exactly which one were in danger...not the other way around. Has ZA tested the other versions? They know 6 isn't vulnerable but if they don't say that 3 is vulnerable then we have to "assume" they are. That isn't any type of security advisory IMHO. It just makes the company look like they care more about making you buy the new version as opposed to protecting their customers. Just my 2 cents -Todd
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Paul Laudanski Sent: Monday, October 03, 2005 6:55 PM To: Debasis Mohanty Cc: bugtraq () securityfocus com; full-disclosure () lists grok org uk; 'Zone Labs Security Team' Subject: RE: [Full-disclosure] Different Claims by ZoneLabs on the "BypassingPersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue On Mon, 3 Oct 2005, Debasis Mohanty wrote:Paul Laudanski What I'm saying is that the vendor never claimed ZAPversions priorto 5are not vulnerable in the report. Funny Paul!! You are simple exaggerating upon the samepoint again andagain in a new style each time. Well, They don't even say that ZAP versions prior to v5 are vulnerable in their advisory.Glad I made you laugh. We are at odds in this clearly. Zone Labs aka Cisco imvho has issued a fair and accurate release indicating what is not vulnerable and thereby conversely you know which products are. To that end... I move on. Paul Laudanski, Microsoft MVP Windows-Security CastleCops(SM), http://castlecops.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Different Claims by ZoneLabs on the "BypassingPersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue Todd Towles (Oct 03)
- <Possible follow-ups>
- RE: Different Claims by ZoneLabs on the "BypassingPersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue Bart Lansing (Oct 04)
- RE: Different Claims by ZoneLabs on the "BypassingPersonalFirewall (Zone Alarm Pro) Using DDE-IPC" issue Todd Towles (Oct 04)