EUVD-2001-1354

Malware in sbrugna...

EUVD-2004-1511

Malware in sbrugna...

EUVD-2000-0219

Malware in sbrugna...

EUVD-2006-1225

Malware in sbrugna...

SMC Router 1.2x Random UDP Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8711/info A denial of service has been reported in the SMC SMC2404WBR BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL Broadband Router. It is possible to trigger this condition by sending UDP packets randomly to ports...

Zone Labs ZoneAlarm 2.1 Personal Firewall Port 67 Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1137/info Certain versions of Zone Labs personal Firewall have a vulnerability which allows malicious users to port scan the firewall without being detected. In particular if the port scan originates from source port 67 o...

ZoneAlarm 3.7 .202/PRO 4.0/PRO 4.5 Random UDP Flood Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8525/info A denial of service vulnerability has been alleged in ZoneAlarm. It is reportedly possible to reproduce this condition by sending a flood of UDP packets of random sizes to random ports on a system hosting the...

Zone Labs ZoneAlarm 3.0/3.1 Syn Flood Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5975/info ZoneAlarm is a firewall software package designed for Microsoft Windows operating systems. It is distributed and maintained by Zone Labs. ZoneAlarm does not properly handle some types of traffic. When ZoneAlarm ...

Memory corruption

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet Irp in a METHODNEITHER 1 IOCTL 0x8400000F or 2 IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations...

CVE-2007-4216

The CVE-2007-4216 issue affects ZoneAlarm’s vsdatant.sys (Zone Labs Zone Alarm)

iDefense Security Advisory 08.20.07: Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities

Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities iDefense Security Advisory 08.20.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 20, 2007 I. BACKGROUND Zone Alarm products provide security solutions such as anti-virus, firewall, spy-ware, and ad-wa...

ZoneAlarm产品多个本地权限提升漏洞

BUGTRAQ ID: 25365 CVECAN ID: CVE-2007-4216,CVE-2005-2932 ZoneAlarm是一款个人电脑防火墙，能保护个人数据和隐私安全。 ZoneAlarm的实现和安装上存在多个安全漏洞，本地攻击者可能利用此漏洞提升自己的权限。 ZoneAlarm产品vsdatant.sys设备驱动的IOCTL处理代码没有验证传送给IOCTL 0x8400000F和IOCTL...

iDefense Security Advisory 08.20.07: Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability

Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability iDefense Security Advisory 08.20.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 20, 2007 I. BACKGROUND Zone Alarm products provide security solutions such as anti-virus, firewall, spy-ware, and ad-ware...

[Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities

CHECK POINT ZONE LABS PRODUCTS MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES Ruben Santamarta rubenatreversemodedotcom 08.20.2007 Affected Products: ZoneAlarm 7.0.362 Vsdatant.sys is exposed via “.vsdatant”. The permissive ACL allows everyone to invoke privileged IOCTLs implemented in the...

ZoneAlarm及Comodo防火墙本地绕过保护机制漏洞

ZoneAlarm和Comodo都是非常流行的个人防火墙。 ZoneAlarm及Comodo防火墙在检测管理进程的实现上存在漏洞，本地攻击者可能利用此漏洞绕过检测。...

iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability

Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability iDefense Security Advisory 04.20.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 20, 2007 I. BACKGROUND Zone Alarm products provide security solutions such as anti-virus, firewall, spy-ware, and ad-ware...

CVE-2007-2083

This CVE (CVE-2007-2083) affects ZoneAlarm Pro and is caused by vsdatant.sys not validating arguments passed to hooked SSDT function handlers, enabling local attackers to crash the system or possibly execute arbitrary code via crafted arguments to NtCreateKey and NtDeleteFile. Affected product: Z...

ZoneAlarm Vsdatant.SYS驱动本地拒绝服务漏洞

ZoneAlarm是一款流行的个人防火墙系统。 ZoneAlarm 'vsdatant.sys'驱动处理参数存在问题，本地攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 SSDT函数句柄执行在内核模式下执行，但他们的调用者执行在用户模式下，因此所有函数参数来自用户模式，所以必须严格验证这些参数，不正确使用这些函数可导致系统崩溃。 ZoneAlarm在SSDT中hook多个函数，其中至少有2个情况下缺少丢来自用户模式下的参数数据，由于Kerio驱动fwdrv.sys和khips.sys驱动的错误，用户调用不合法的NtCreateKey和NtDeleteFile参数值可导致系统崩溃。 Zon...

CVE-2006-3540

Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service system crash via a certain combination of these...

CVE-2006-3540

Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service system crash via a certain combination of these...