Full Disclosure mailing list archives
RE: Re: Bypassing Personal Firewall (Zone Alarm Pro)Using DDE-IPC
From: "Debasis Mohanty" <mail () hackingspirits com>
Date: Sat, 1 Oct 2005 00:22:27 +0530
Paul Laudanski wrote:
This "exploit" was tested by members at CastleCops and found to be
untrue: Unfortunately not !! Besides Zone Alarm free version it has been tested for ZA Pro 3x and it works like a charm. Again Symantec SecurityFocus has probably tested this for ZA Pro 5.1. so they have mentioned the vulnerable version here http://securityfocus.com/bid/14966 I am not sure whether ZoneLabs has tested this or not, as I found ZA Pro 3x to be vulnerable but seems it has not appear in the advisory's affected s/ws list http://download.zonelabs.com/bin/free/securityAlert/35.html . As per the advisory only the ZA free version is vulnerable.... I am afraid this is incorrect ... - D -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Paul Laudanski Sent: Friday, September 30, 2005 3:11 AM To: warl0ck () linuxmail org Cc: full-disclosure () lists grok org uk; bugtraq () securityfocus com Subject: [Full-disclosure] Re: Bypassing Personal Firewall (Zone Alarm Pro)Using DDE-IPC On 29 Sep 2005 warl0ck () linuxmail org wrote:
It is issue with almost all the firewalls firewalls don't protect the running applications themselves.I think i don't get is what does it have to do with DDE ?.Also one can read firewall ACL from the settings and inject code into the running trusted process.
This "exploit" was tested by members at CastleCops and found to be untrue: http://castlecops.com/postlite134369-.html Snapshots also provided. -- Paul Laudanski, Microsoft MVP Windows-Security CastleCops(SM), http://castlecops.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC Debasis Mohanty (Sep 28)
- <Possible follow-ups>
- Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC Paul Laudanski (Sep 29)
- RE: Re: Bypassing Personal Firewall (Zone Alarm Pro)Using DDE-IPC Debasis Mohanty (Sep 30)