OSVDB ID: 5929

Title: ZoneAlarm Special Character Filename Bypass

Dates

Disclosure: Apr 14, 2004
Discovery: Unknown
Exploit: Apr 14, 2004
Solution: Unknown

Description

Zone Alarm contains a flaw in Email Protection that may allow a malicious user to bypass the email attachment filename filter. The issue is triggered when foreign characters or parentheses are used in filenames (c - č, s - š, z - ž). The attachment will not be quarantined. It is possible that the flaw may allow a remote attacker to bypass ZoneAlarm and send arbitrary malware in an email attachment, resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available

Solution

Upgrade to version 5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Zone Labs, Inc.

Zone Alarm

PRO

References

Credit

  • Damjan Kreft - damjan.kreft@siol.net


Direct URL: http://osvdb.org/36218