Tiny Personal Firewall出站数据包绕过漏洞

漏洞信息详情

Tiny Personal Firewall出站数据包绕过漏洞

• CNNVD编号：CNNVD-200112-160
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2001-1549
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2001-12-31
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  tiny_software
• 漏洞来源：
  Discovered by Tom …

Tiny Personal Firewall 1.0和2.0版本存在漏洞。本地用户借助非标准TCP包创建的非Windows协议适配器从而绕过过滤。

ZoneAlarm has reportedly released a fix that does not allow for transmission of outbound traffic from non-standard protocol adapters. Currently we do not have information on this fix, however we will update this record when it is available.
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源: BID
名称: 3647
链接:http://www.securityfocus.com/bid/3647

来源: XF
名称: zonealarm-tiny-bypass-filter(7671)
链接:http://www.iss.net/security_center/static/7671.php

来源: BUGTRAQ
名称: 20011205 Flawed outbound packet filtering in various personal firewalls
链接:http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html