News Stay informed about the latest enterprise technology news and product updates.

Firewall hole cause for 'Alarm'

Users of ZoneAlarm personal firewalls should apply a patch to seal a hole in many versions that could allow attackers to increase their system privileges.

Users of ZoneAlarm personal firewalls are urged to apply an update for a vulnerability in many versions that could...

allow attackers to increase their system privileges on targeted machines.

The flaw occurs when the firewall is processing Simple Mail Transfer Protocol (SMTP) traffic. ZoneAlarm has deemed it a "medium" risk since only systems that are being run as SMTP servers are affected. The company does not recommend using its products to protect such systems.

Specifically, the flaw is a stack-based buffer overflow in a component that processes the RCPT TO command argument, said an advisory from Aliso Viejo, Calif.-based eEye Digital Security, which discovered the flaw. Attackers can exploit the flaw by sending a particularly large argument to RCPT TP command, which overflows the buffer. If exploited, the vulnerability could cause the firewall to stop processing, increase the attackers' user privileges or run arbitrary code on the system.

Affected versions include:

  • ZoneAlarm 4.0 to 4.5.538.000
  • ZoneAlarm Pro 4.0 to 4.5.538.000
  • ZoneAlarm Plus 4.0 to 4.5.538.000
  • Zone Labs Integrity Client 4.0 to 4.5.084

Users of such systems can click here for information about patching their products.

Dig Deeper on Network device security: Appliances, firewalls and switches

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.