Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
BID:9696
Info
Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 9696 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Feb 19 2004 12:00AM |
| Updated: | Feb 19 2004 12:00AM |
| Credit: | Discovery is credited to Riley Hassell of eEye Digital Security. |
| Vulnerable: |
Zone Labs ZoneAlarm Pro 4.5 Zone Labs ZoneAlarm Pro 4.0 Zone Labs ZoneAlarm Plus 4.0 Zone Labs ZoneAlarm 4.0 Zone Labs Integrity Client 4.0 |
| Not Vulnerable: |
Zone Labs ZoneAlarm Pro 4.5 .538.001 Zone Labs ZoneAlarm Plus 4.5 .538.001 Zone Labs ZoneAlarm 4.5 .538.001 Zone Labs Integrity Client 4.5 .085 Zone Labs Integrity Client 4.0 .146.046 |
Discussion
Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
It has been reported that ZoneAlarm is prone to a remote buffer overflow vulnerability caused by an unchecked buffer in the Simple Mail Transfer Protocol (SMTP) processing. Successful exploitation of this issue may allow an attacker to cause the firewall process to crash and/or execute arbitrary code in order to gain unauthorized access.
ZoneAlarm family of products and Integrity client versions 4.0 and above are reported to be prone to this issue. Integrity Server and Integrity Clientless Security products are not affected by this issue.
It has been reported that ZoneAlarm is prone to a remote buffer overflow vulnerability caused by an unchecked buffer in the Simple Mail Transfer Protocol (SMTP) processing. Successful exploitation of this issue may allow an attacker to cause the firewall process to crash and/or execute arbitrary code in order to gain unauthorized access.
ZoneAlarm family of products and Integrity client versions 4.0 and above are reported to be prone to this issue. Integrity Server and Integrity Clientless Security products are not affected by this issue.
Exploit / POC
Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
Solution:
Zone Labs has released an advisory with fixes to address this issue. Please see the referenced advisory for more information.
Solution:
Zone Labs has released an advisory with fixes to address this issue. Please see the referenced advisory for more information.
References
Zone Labs ZoneAlarm SMTP Remote Buffer Overflow Vulnerability
References:
References:
- Zone Labs SMTP Processing Vulnerability Advisory (Zone Labs)
- EEYE: ZoneLabs SMTP Processing Buffer Overflow ("Marc Maiffret"