Exploit ZoneAlarm Pro 1.0/2.x - Outbound Packet Bypass

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21169
Проверка EDB
  1. Пройдено
Автор
TOM LISTON
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2001-1549
Дата публикации
2001-12-06
Код:
source: https://www.securityfocus.com/bid/3647/info

Due to a common design error, it may be possible for outbound packets to bypass packet filtering in many personal firewalls.

Many of these applications only block packets created by the standard Windows protocol adapter. It is possible for a user with administrative privileges to create packets with other protocol adapters that are not evaluated against the personal firewall rules when transmitted.

Exploitation will result in a violation of security policy.

Tiny Personal Firewall, ZoneAlarm and ZoneAlarm Pro are confirmed vulnerable. It is believed that other applications similar in design may also be vulnerable. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21169.zip
 
Источник
www.exploit-db.com

Похожие темы