This is a security update. Your PC is only vulnerable if you run an SMTP server behind your ZoneAlarm firewall.
Zone Labs SMTP Processing Vulnerability
Overview: A security vulnerability exists in specific versions of ZoneAlarm, ZoneAlarm Pro, ZoneAlarm Plus and the Zone Labs Integrity client. This vulnerability is caused by an unchecked buffer in Simple Mail Transfer Protocol (SMTP) processing which could lead to a buffer overflow. In order to exploit the vulnerability without user assistance, the target system must be operating as an SMTP server. Zone Labs does not recommend using our client security products to protect servers.
Upgrading an affected Zone Labs product will remove this vulnerability.
Date Published: February 18, 2004
Last Update: February 18, 2004
Impact: If successfully exploited, a skilled attacker could cause the firewall to stop processing traffic, execute arbitrary code, or elevate malicious privileges.
Zone Labs recommends affected users update their software to the current versions which address the issue.
Affected Products: ZoneAlarm family of products and Integrity client versions 4.0 and above.
Unaffected Products: ZoneAlarm and Integrity client versions earlier than 4.0.
Integrity Server and Integrity Clientless Security products are not affected.
Description: Zone Labs desktop security products process SMTP in order to perform various security functions. Due to an unchecked buffer in the SMTP processing system, a skilled attacker could cause the firewall to stop processing traffic or execute arbitrary code.
Successful exploitation requires one of the following scenarios and applies only to SMTP traffic:
A program listening on port 25/TCP (SMTP) of the target system. This condition is usually only present on SMTP servers. Zone Labs does not recommend using our client security products to protect servers.
A malicious program running on the protected system could trigger the buffer overflow and gain SYSTEM privileges if the user or administrator has given it permission to access the network.
In all cases, the program requesting network access must be approved by the user through the Program Control policy.
Recommended Actions: ZoneAlarm, ZoneAlarm Plus, and ZoneAlarm Pro users should upgrade to version 4.5.538.001.
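
A triage check built from the conditions above, added here as an example and not taken from Zone Labs: it compares an installed version with the affected range and the fixed build, and probes for a listener on 25/TCP. The function names, result strings and sample inventory are assumptions made for illustration.

```python
import socket

# Values taken from the advisory text.
FIRST_AFFECTED = (4, 0, 0, 0)   # "versions 4.0 and above"
FIXED = (4, 5, 538, 1)          # 4.5.538.001
# The advisory names a fixed build only for these three products.
FIXED_PRODUCTS = {"zonealarm", "zonealarm plus", "zonealarm pro"}


def parse_version(text):
    """'4.5.538.001' -> (4, 5, 538, 1); short versions are zero-padded."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def is_listening(host, port=25, timeout=1.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def assess(product, version, smtp_listener):
    """Classify one installation against the advisory's conditions."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return "not affected"
    if product.strip().lower() in FIXED_PRODUCTS and v >= FIXED:
        return "fixed"
    # Integrity client 4.0+ lands here: the page gives no fixed build for it.
    if smtp_listener:
        return "affected, reachable through 25/TCP listener"
    return "affected, local trigger only"


if __name__ == "__main__":
    # Constructed sample inventory (product, version); not real data.
    sample = [("ZoneAlarm Pro", "4.5.530.000"), ("ZoneAlarm", "3.7.202"),
              ("ZoneAlarm Plus", "4.5.538.001"), ("Integrity client", "4.0.146")]
    listener = is_listening("127.0.0.1")   # probe this machine's SMTP port
    for product, version in sample:
        print(f"{product} {version}: {assess(product, version, listener)}")
```

A result of "affected, local trigger only" corresponds to the second scenario in the Description, where a program already running on the protected system has been granted network access.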