1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

ZoneLabs ZoneAlarm MailSafe Extension Dot Filtering Bypass Vulnerability

Discussion in 'Security and Privacy' started by Admin., 2002/04/09.

Thread Status:
Not open for further replies.
  1. 2002/04/09
    Admin.

    Admin. Administrator Administrator Staff Thread Starter

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    A vulnerability has been reported in some versions of ZoneAlarm. MailSafe may be configured to block file attachments with a certain extension, for example all .exe files. If the same file is sent with an additional '.' appended to the filename, it will not be blocked.

    More Info
     
    Admin.,
    #1
  2. 2002/04/10
    Ramona

    Ramona Geek Member Alumni

    Joined:
    2001/12/31
    Messages:
    7,481
    Likes Received:
    2
    Thanks for the heads up, Arie.

    The SecurityFocus site doesn't make it clear that this is ZoneAlarm Pro 3.0, do they. I'm sure a lot of users with the free ZoneAlarm, 2.6.362 will think they are also at risk.

    Ramona :D
     
    Ramona,
    #2


  3. to hide this advert.

  4. 2002/04/11
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Yep you are right... seems to be a ZA 3.0 only problem.
     
    Arie,
    #3
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...