Paul Laudanski wrote:
>> This "exploit" was tested by members at CastleCops and found to be untrue:

Unfortunately not !! Besides the Zone Alarm free version, it has been tested for ZA Pro 3x and it works like a charm. Again, Symantec SecurityFocus has probably tested this for ZA Pro 5.1, so they have mentioned the vulnerable version here: http://securityfocus.com/bid/14966

I am not sure whether ZoneLabs has tested this or not, as I found ZA Pro 3x to be vulnerable but it seems it has not appeared in the advisory's affected s/ws list: http://download.zonelabs.com/bin/free/securityAlert/35.html . As per the advisory only the ZA free version is vulnerable.... I am afraid this is incorrect ...

- D

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Laudanski
Sent: Friday, September 30, 2005 3:11 AM
To: [EMAIL PROTECTED]
Cc: [email protected]; [email protected]
Subject: [Full-disclosure] Re: Bypassing Personal Firewall (Zone Alarm Pro)Using DDE-IPC

On 29 Sep 2005 [EMAIL PROTECTED] wrote:

> It is issue with almost all the firewalls firewalls don't protect the
> running applications themselves. I think I don't get is what does it
> have to do with DDE? Also one can read firewall ACL from the settings
> and inject code into the running trusted process.

This "exploit" was tested by members at CastleCops and found to be untrue:

http://castlecops.com/postlite134369-.html

Snapshots also provided.

--
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
