Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

ZoneAlarm Flaw Opens Firewalls To E-mail Attack

Zone Labs has alerted users that several versions of its personal firewall products are vulnerable to a buffer overflow attack conducted via e-mail that could leave supposedly-protected systems open to malicious code assaults, the company said.

The affected editions include the 4.0 versions of ZoneAlarm, ZoneAlarm Plus, and ZoneAlarm Pro; ZoneAlarm Pro 4.5; and Zone Labs Integrity Client 4.0 and 4.5.

"If successfully exploited, a skilled attacker could cause the firewall to stop processing traffic, execute arbitrary code, or elevate malicious code's privileges," ZoneAlarm said Wednesday in the alert posted on its Web site.

The vulnerability, which was first reported by eEye Digital Security, is caused by an unchecked buffer in Simple Mail Transfer Protocol (SMTP) processing, which could in turn lead to a buffer overflow, said ZoneAlarm. To exploit the vulnerability remotely, the target system must be operating as an SMTP server.

"Zone Labs does not recommend using our client security products to protect servers," the company said. Zone Labs also sells a server-specific firewall under its Integrity line.

  • 1