ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
BID:10148
Info
ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
| Bugtraq ID: | 10148 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 14 2004 12:00AM |
| Updated: | Apr 14 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credited to "Damjan Kreft" <[email protected]>. |
| Vulnerable: |
Zone Labs ZoneAlarm Pro 4.5 .538.001 Zone Labs ZoneAlarm Pro 4.5 Zone Labs ZoneAlarm Pro 4.0 Zone Labs ZoneAlarm Pro 3.1 Zone Labs ZoneAlarm Pro 3.0 Zone Labs ZoneAlarm Pro 2.6 Zone Labs ZoneAlarm Pro 2.4 Zone Labs ZoneAlarm Plus 4.5 .538.001 Zone Labs ZoneAlarm Plus 4.0 |
| Not Vulnerable: | |
Discussion
ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
A vulnerability has been reported in some versions of ZoneAlarm Pro/Plus MailSafe. MailSafe may be configured to quarantine file attachments with a certain extension. It is reported that, if the file name of a restricted attachment contains certain extended characters, MailSafe may fail to quarantine the attachment.
A vulnerability has been reported in some versions of ZoneAlarm Pro/Plus MailSafe. MailSafe may be configured to quarantine file attachments with a certain extension. It is reported that, if the file name of a restricted attachment contains certain extended characters, MailSafe may fail to quarantine the attachment.
Exploit / POC
ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
There is no exploit required.
There is no exploit required.
Solution / Fix
ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerability
References:
References:
- Zone Labs Homepage (Zone Labs)
- ZA Security Hole ("Damjan Kreft"
)