RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
BID:25377
Info
RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
| Bugtraq ID: | 25377 |
| Class: | Design Error |
| CVE: |
CVE-2007-4216 CVE-2005-2932 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 20 2007 12:00AM |
| Updated: | Oct 14 2008 04:47PM |
| Credit: | Ruben Santamarta and an anonymous researcher are credited with discovering these issues. |
| Vulnerable: |
Zone Labs ZoneAlarm Security Suite 6.5.737 Zone Labs ZoneAlarm Security Suite 5.5.62 Zone Labs ZoneAlarm 6.5.737 |
| Not Vulnerable: | |
Discussion
RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
Multiple Check Point ZoneAlarm products are prone to local privilege-escalation vulnerabilities.
An attacker can exploit these issues to gain elevated privileges and completely compromise an affected computer.
These issues have been confirmed in:
ZoneAlarm 6.5.737
ZoneAlarm Security Suite 5.5.062.004 and 6.5.737.
Other versions are likely vulnerable as well.
NOTE: This BID is being retired because it is a duplicate of BID 25365 (Check Point Zone Labs Multiple Products Local Privilege Escalation Vulnerabilities).
Multiple Check Point ZoneAlarm products are prone to local privilege-escalation vulnerabilities.
An attacker can exploit these issues to gain elevated privileges and completely compromise an affected computer.
These issues have been confirmed in:
ZoneAlarm 6.5.737
ZoneAlarm Security Suite 5.5.062.004 and 6.5.737.
Other versions are likely vulnerable as well.
NOTE: This BID is being retired because it is a duplicate of BID 25365 (Check Point Zone Labs Multiple Products Local Privilege Escalation Vulnerabilities).
Exploit / POC
RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
Solution:
Reports indicate that the vendor addressed these issues in 7.0.362 versions. Symantec has not confirmed this information. Please contact the vendor for details.
Solution:
Reports indicate that the vendor addressed these issues in 7.0.362 versions. Symantec has not confirmed this information. Please contact the vendor for details.
References
RETIRED: Check Point ZoneAlarm Multiple Products Local Privilege Escalation Vulnerabilities
References:
References:
- Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability (iDefense Labs)
- Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabiliti (iDefense Labs)
- Zone Alarm Homepage (Check Point )