Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.ZONE_ALARM_FW_P67.NASL
HistorySep 03, 2004 - 12:00 a.m.

ZoneAlarm Personal Firewall UDP Source Port 67 Bypass

2004-09-0300:00:00
This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
www.tenable.com
14

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.9%

JSON

This version of ZoneAlarm contains a flaw that may allow a remote attacker to bypass the ruleset. The issue is due to ZoneAlarm not monitoring and alerting UDP traffic with a source port of 67.

This allows an attacker to bypass the firewall to reach protected hosts without setting off warnings on the firewall.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(14660);
 script_version("1.20");

 script_cve_id("CVE-2000-0339");  
 script_bugtraq_id(1137);

 script_name(english:"ZoneAlarm Personal Firewall UDP Source Port 67 Bypass");

 script_set_attribute(attribute:"synopsis", value:
"This host is running a firewall that fails to filter certain types of
traffic." );
 script_set_attribute(attribute:"description", value:
"This version of ZoneAlarm contains a flaw that may allow a remote
attacker to bypass the ruleset.  The issue is due to ZoneAlarm not
monitoring and alerting UDP traffic with a source port of 67. 

This allows an attacker to bypass the firewall to reach protected
hosts without setting off warnings on the firewall." );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2000/Apr/134");
 script_set_attribute(attribute:"solution", value:
"Upgrade at least to version 2.1.25." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"plugin_publication_date", value: "2004/09/03");
 script_set_attribute(attribute:"vuln_publication_date", value: "2000/04/20");
 script_cvs_date("Date: 2018/11/15 20:50:22");
script_set_attribute(attribute:"plugin_type", value:"local");
script_end_attributes();

 
 script_summary(english:"Check ZoneAlarm version");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 script_family(english:"Firewalls");
 script_dependencies("netbios_name_get.nasl","zone_alarm_local_dos.nasl",
 		     "smb_login.nasl","smb_registry_access.nasl");
 script_require_keys("SMB/name", "SMB/login", "SMB/password",
		     "SMB/transport", "zonealarm/version");

 script_require_ports(139, 445);
 exit(0);
}

zaversion = get_kb_item ("zonealarm/version");
if (!zaversion) exit (0);

if(ereg(pattern:"^([0-1]\.|2\.0|2\.1\.([0-9]|1[0-9]|2[0-4])[^0-9])", string:zaversion))
{
 security_warning(0);
}

Related

openvas 2
nvd 1
cvelist 1
cve 1
openvas
openvas
ZoneAlarm Personal Firewall port 67 flaw
2005-11-03 00:00:00
ZoneAlarm Personal Firewall Port 67 Flaw
2005-11-03 00:00:00
nvd
nvd
CVE-2000-0339
2000-04-24 04:00:00
cvelist
cvelist
CVE-2000-0339
2000-07-12 04:00:00
cve
cve
CVE-2000-0339
2000-07-12 04:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.9%

JSON
Related for ZONE_ALARM_FW_P67.NASL
openvas2nvd1cvelist1cve1