EUVD-2006-1225

Malware in sbrugna...

EUVD-2008-6984

Malware in sbrugna...

ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions Vulnerability

A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have...

ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions

------------------------------------------------------------------------ ZoneAlarm TrueVector Internet Monitor service insecure NTFS permissions vulnerability ------------------------------------------------------------------------ Yorick Koster, December 2019...

ZoneAlarm 8.0.20 HTTP Proxy Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31431/info ZoneAlarm Internet Security Suite is prone to a remote denial-of-service vulnerability that occurs in the TrueVector component when connecting to a malicious HTTP proxy. ZoneAlarm Internet Security Suite 8.0.02...

CVE-2008-7025

TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service crash and disable the HIDS module via a crafted response...

Design/Logic Flaw

TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service crash and disable the HIDS module via a crafted response...

CVE-2008-7025

CVE-2008-7025 affects Check Point ZoneAlarm 8.0.020.000 when vsmon.exe is running. A crafted HTTP proxy response can cause a denial of service (crash) and disable the HIDS module. The vulnerability is reported across multiple sources (NVD entry and related records). The provided materials do not ...

CVE-2008-7025

TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service crash and disable the HIDS module via a crafted response...

Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)

Crashing ZoneAlarm 8.0.020.000 by Checkpoint Component : TrueVector ========================================== - Keep ZoneALarm 8 running with vsmon.exe running which runs by default - On System A : Run the rogue proxy attached zacrasherproxy.exe and set a port number eg: zacrasherproxy.exe 5938 ...

ZoneAlarm 8.0.20 - HTTP Proxy Remote Denial of Service

ZoneAlarm 8.0.20 - HTTP Proxy Remote Denial of Service source: https://www.securityfocus.com/bid/31431/info ZoneAlarm Internet Security Suite is prone to a remote denial-of-service vulnerability that occurs in the TrueVector component when connecting to a malicious HTTP proxy. ZoneAlarm Internet...

CVE-2003-1309

The DeviceIoControl function in the TrueVector Device Driver VSDATANT in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals aka "Device Driver Attack"...

CVE-2003-1309

CVE-2003-1309 affects the ZoneAlarm true vector device driver (VSDATANT) in ZoneAlarm prior to 3.7.211, Pro prior to 4.0.146.029, and Plus prior to 4.0.146.029. The issue enables local privilege elevation via the DeviceIoControl interface by exploiting signals (the so‑called “Device Driver Attack...

Microsoft Windows system services privilege escalation

There are several local services SSDP Discovery service, Universal Plug and Play Host service allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" HP Printer...

Design/Logic Flaw

Untrusted search path vulnerability in the TrueVector service VSMON.exe in Zone Labs ZoneAlarm 6.x and Integrity does not search ZoneAlarm's own folders before other folders that are specified in a user's PATH, which might allow local users to execute code as SYSTEM by placing malicious DLLs into...

CVE-2006-1221

Untrusted search path vulnerability in the TrueVector service VSMON.exe in Zone Labs ZoneAlarm 6.x and Integrity does not search ZoneAlarm's own folders before other folders that are specified in a user's PATH, which might allow local users to execute code as SYSTEM by placing malicious DLLs into...

CVE-2006-1221

The CVE concerns ZoneAlarm’s TrueVector service (VSMON.exe) on ZoneLabs ZoneAlarm 6.x/Integrity. The vulnerability arises because VSMON loads several DLLs at startup without fully qualifying their path, allowing an attacker with local access to place malicious DLLs in insecure folders that are se...

CVE-2006-1221

Untrusted search path vulnerability in the TrueVector service VSMON.exe in Zone Labs ZoneAlarm 6.x and Integrity does not search ZoneAlarm's own folders before other folders that are specified in a user's PATH, which might allow local users to execute code as SYSTEM by placing malicious DLLs into...

18ZLZA.txt

Summary: 18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000 http://www.zonelabs.com/ Details: During Windows startup the TrueVector service vsmon.exe - an integral piece of most Zone Labs products is set to startup automatically. The TrueVector service runs und...

CVE-2003-1309

The DeviceIoControl function in the TrueVector Device Driver VSDATANT in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals aka "Device Driver Attack"...