| VID |
28093 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
ZoneAlarm Pro, according to its version number, has a denial-of-service vulnerability caused by insecure file permissions. ZoneAlarm is a personal firewall and threat detection/prevention program developed by Zone Labs for Windows platforms. ZoneAlarm Pro versions 4.x and 5.x are vulnerable to a local denial-of-service attack, caused by insecure permissions on the '%windir%\Internet Logs' directory, which are set to 'Everyone/Full Control' by default. By changing ZoneAlarm's configuration file, a local attacker could cause the program to stop responding.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.osvdb.org/displayvuln.php?osvdb_id=9761 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html
* Platforms Affected: Zone Labs ZoneAlarm Pro 4.x, 5.x; Microsoft Windows, any version |
| Recommendation |
No upgrade or patch available as of November 2004.
Upgrade to a new version of ZoneAlarm that fixes this problem when one becomes available from the Zone Labs Web site at http://www.zonelabs.com/store/content/home.jsp |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
17099 (ISS) |
|
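
The permission condition described above can be confirmed locally on a host. The following PowerShell is an added example, not part of this scanner check or of any Zone Labs tooling; the function name `Get-EveryoneWriteAce` and the output columns are illustrative, and only the directory path comes from this entry.

```powershell
# Added example: list Allow ACEs that give Everyone write-level access
# to the directory named in this entry. Function name is illustrative.
function Get-EveryoneWriteAce {
    param([Parameter(Mandatory)][string]$Path)

    # Nothing to report if the directory is absent (product not installed).
    if (-not (Test-Path -LiteralPath $Path -PathType Container)) { return @() }

    # Well-known SID for Everyone; comparing SIDs avoids localized group names.
    $everyoneSid = 'S-1-1-0'

    # Rights that allow changing or replacing files in the directory, plus the
    # raw GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000) bits that
    # inherit-only ACEs can carry instead of specific file rights.
    $risky = [int]([System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership') -bor 0x10000000 -bor 0x40000000

    $acl = Get-Acl -LiteralPath $Path

    # Ask for explicit and inherited rules, with identities returned as SIDs.
    $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object {
            $_.IdentityReference.Value -eq $everyoneSid -and
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.FileSystemRights -band $risky) -ne 0
        } |
        Select-Object @{ n = 'Path'; e = { $Path } },
                      FileSystemRights, IsInherited, InheritanceFlags, PropagationFlags
}

# Directory from this entry: %windir%\Internet Logs
$target   = Join-Path $env:windir 'Internet Logs'
$findings = @(Get-EveryoneWriteAce -Path $target)

if ($findings.Count -eq 0) {
    "No Everyone write-level Allow ACE found on '$target' (or the directory does not exist)."
} else {
    "Everyone has write-level access to '$target':"
    $findings | Format-Table -AutoSize
}
```

The function reports Allow entries only; it does not evaluate Deny entries or grants to other broad groups.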