Madrid, 12 November, 2001 -
According to information published on Bugtraq
(at http://www.securityfocus.com/archive/1/225205) a bug has been discovered
in ZoneAlarm Pro, firewall software for Windows widely used by home users.
This vulnerability can cause the program to treat Internet addresses as
local addresses.
ZoneAlarm Pro lets users protect computers easily without having to use any
additional hardware. Apparently, the bug has been detected in ZoneAlarm
Pro's latest version (2.6.357), although it may possibly appear in other
versions of the program, including the freeware version.
As with Internet Explorer, ZoneAlarm Pro (ZAP) can be configured for local
and Internet connections. However, in some cases, the program recognizes
some Internet addresses as local, thus assigning them the lowest security
level. To be precise, every connection with the first octets matching the
user's IP will be treated as local. So for example, if the user's IP address
is 456.456.456.456, the program will apply a local security level to any
connection established from a 456.456.*.* address. This will result in the
connection having the lowest safety guarantees, which could enable attacks
from malicious users.
Hope this helps ZoneAlarm users.
If it has already been posted, sorry; I did a search and could find no reference to this.
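
The misclassification described in the release, as an added example that is not part of the original post and is not ZoneAlarm's code: it compares a two-octet prefix match against a check that uses the host's real netmask, and lists the peers that would wrongly land in the local zone. The host address, netmask and peer list are constructed sample values, and modelling the bug as a plain two-octet comparison is an assumption drawn from the release's 456.456.*.* example.

```python
import ipaddress


def flawed_is_local(host_ip: str, peer_ip: str) -> bool:
    """Assumed model of the reported behaviour: a peer counts as local
    when its first two octets match the host's own address."""
    return host_ip.split(".")[:2] == peer_ip.split(".")[:2]


def strict_is_local(host_ip: str, netmask: str, peer_ip: str) -> bool:
    """A peer is local only if it falls inside the subnet defined by the
    host's configured netmask."""
    subnet = ipaddress.ip_network(f"{host_ip}/{netmask}", strict=False)
    return ipaddress.ip_address(peer_ip) in subnet


def misclassified(host_ip: str, netmask: str, peers: list) -> list:
    """Peers the flawed check places in the local zone although they are
    outside the host's real subnet."""
    return [
        p for p in peers
        if flawed_is_local(host_ip, p) and not strict_is_local(host_ip, netmask, p)
    ]


# Constructed sample data (documentation address ranges, not real hosts).
HOST_IP = "203.0.113.25"
NETMASK = "255.255.255.0"
PEERS = [
    "203.0.113.7",   # same /24: genuinely local
    "203.0.200.9",   # shares 203.0.*.* only
    "203.0.5.1",     # shares 203.0.*.* only
    "198.51.100.4",  # unrelated Internet address
]

if __name__ == "__main__":
    for peer in PEERS:
        print(f"{peer:<14} flawed={flawed_is_local(HOST_IP, peer)!s:<5} "
              f"strict={strict_is_local(HOST_IP, NETMASK, peer)}")
    print("wrongly treated as local:", misclassified(HOST_IP, NETMASK, PEERS))
```

Run against a firewall's actual trusted-zone entries, the same comparison shows whether the local zone is wider than the network the machine is really attached to.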