RE: Possible ZoneAlarm 3 Problem???

[Steve Vawter <svawter () zonelabs com>]

While I cannot confirm your findings (no time), I have walked this report
upstairs to the product manager.

Steve Vawter
UNIX SYSTEM ADMINISTRATOR
Zone Labs, Inc.
1060 Howard Street
San Francisco CA 94103
ph    415-341-8323
fax   415-341-8299
cell  510-409-9184
pager 877-933-0549

-----Original Message-----
From: Nathan Anderson [mailto:nathan () andersonsplace net]
Sent: Wednesday, May 08, 2002 3:11 PM
To: vuln-dev () securityfocus com
Subject: Possible ZoneAlarm 3 Problem???


        I was doing some surfing the web yesterday and one of the web sites
haven't
been to for a while had some weird characters around the web site.  At first
I assumed that they were doing some debugging since it appeared to be random
4 digit codes in random places on the web site.  Later in that same session
I had some problems viewing one of the theme demo pages on the same site; so
I disabled the Privacy system in ZA and notice that the web site worked
properly without the codes.  So I investigated it a little more and here are
the results of my tests:

1. I.E. 5.5 & Netscape 4.7x will both show the page with random 4 digit
codes randomly through the page.
2. Netscape 6.2.1 won't show the page -- the view source for the page only
shows "< html>< body>< /body>< /html>" (without the spaces)
3. Opera 6.01 refuses to do anything with the page.

If I disable the Zone Alarms Privacy features (i.e. Click on the Browser in
Program Control->Programs and turn off Privacy) all the browsers work
properly as then ZA is no longer filtering the connection.

I filled out the form on ZA's website to report this and got back a nice
canned response that had nothing to do with the problem I reported.  So I
replied and got another stupid response from them that again had very little
to do with the problem.

So can someone confirm this problem:

I'm using Windows 2000 fully patched.
Zone Alarm 3.0.118 (Latest Version)
The web site www.phpbb.com.

Nathan.