VID 28139
Severity 30
Port 139,445
Protocol TCP
Class SMB
Detailed Description According to its version number, the ZoneAlarm PC firewall has a privilege escalation vulnerability in the TrueVector service. ZoneAlarm is a personal firewall by Zone Labs for Microsoft Windows computers. ZoneAlarm versions 6.1.744.000 and earlier could allow a local attacker to gain elevated privileges. The issue arises because the application fails to properly specify the full path of DLLs. An attacker with local access could exploit this vulnerability to execute arbitrary programs on the affected host with LOCAL SYSTEM privileges.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.

* References:
http://www.securityfocus.com/archive/1/427122/30/0/threaded
http://download.zonelabs.com/bin/free/securityAlert/51.html

* Platforms Affected:
Zone Labs, ZoneAlarm Security Suite versions 6.1.744.000 and earlier
Microsoft Windows Any version
Recommendation Upgrade to the latest version of ZoneAlarm (build 6.1.744.001 or later), available from the Zone Labs Web site at http://www.zonelabs.com/
Related URL CVE-2006-1221 (CVE)
Related URL 17037 (SecurityFocus)
Related URL 25097 (ISS)