Check Point Zone Labs was forced to patch a number of vulnerabilities with its products, including their firewall and anti-virus software.Multiple input validation flaws as well as an insecure permission escalation problem with Zone Labs products required a series of fixes to correct.
iDefense Labs reported on those problems in a pair of advisories. In the privilege escalation scenario, local exploitation of the flaw could have led to disabling protection.
The default Access Control List settings have been blamed for this. ''Some of the programs run as system services,'' said iDefense. ''This allows a user to simply replace an installed ZoneAlarm file with their own code that will later be executed with system-level privileges.''
Input validation problems could have permitted arbitrary code execution. ''The problems specifically exist within the IOCTL handling code in the vsdatant.sys device driver,'' the advisory said.
If exploited, an attacker could gain complete control of the targeted machine. Existence of the problem has been confirmed in the widely used free version of the ZoneAlarm firewall product.
1 Comment
Add this link to...
Tell a friend
Bury
Comments
Zone Alarm... Sure, you're safe with them! RIGHT!!!