If you’re a Check Point’s ZoneAlarm user, it’s time to upgrade. The vendor has released version 7.0.362 to address flaws local attackers could exploit to gain extra user privileges or bypass security restrictions.
The flaws are outlined in iDefense Labs Public Advisory: 08.20.07:
“Local exploitation of an insecure permission vulnerability in multiple Check Point Zone Labs products allows attackers to escalate privileges or disable protection,” iDefense said. “The vulnerability specifically exists in the default file Access Control List (ACL) settings that are applied during installation.”
When an administrator installs any of the Zone Labs ZoneAlarm tools, iDefense said, the default ACL allows any user to modify the installed files. “This allows a user to simply replace an installed ZoneAlarm file with their own code that will later be executed with system-level privileges,” the advisory said.