Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Since the latest ZoneAlarm update...

Feb 19, 2004 8:07AM PST

Win98

I just noticed that since I installed this newest version of ZA, I no longer have the icon on top of the program interface indicating "listening to port 1025" or whatever it used to be.

William

Discussion is locked

- Collapse -
Re:Since the latest ZoneAlarm update...
Feb 19, 2004 8:19AM PST

ZA fixed:

This vulnerability is caused by an unchecked buffer in Simple Mail Transfer Protocol (SMTP) processing which could lead to a buffer overflow. In order to exploit the vulnerability without user assistance, the target system must be operating as an SMTP server.

The above is what they "patched" in version 4.5.538.001

- Collapse -
Re:Since the latest ZoneAlarm update...
Feb 19, 2004 9:24AM PST

Marianna,

Are you saying that the previous version was flawed specifically in indicating it was "listening to port 1025"?

William

- Collapse -
Re:Since the latest ZoneAlarm update...
Feb 19, 2004 10:48AM PST

William,

This is the response from ZoneAlarm:

Description: Zone Labs desktop security products process SMTP in order to perform various security functions. Due to an unchecked buffer in the SMTP processing system, a skilled attacker could cause the firewall to stop processing traffic or execute arbitrary code.

Successful exploitation requires one of the following scenarios and applies only to SMTP traffic:

A program listening on port 25/TCP (SMTP) of the target system. This condition is usually only present on SMTP servers. Zone Labs does not recommend using our client security products to protect servers.
A malicious program running on the protected system could trigger the buffer overflow and gain SYSTEM privileges if the user or administrator has given it permission to access the network.
In all cases, the program requesting network access must be approved by the user through the Program Control policy.

http://download.zonelabs.com/bin/free/securityAlert/8.html

- Collapse -
Thank you Marianna. :) nt
Feb 19, 2004 3:12PM PST