多个个人防火墙Vendor Outbound数据包绕过漏洞

漏洞信息详情

多个个人防火墙Vendor Outbound数据包绕过漏洞

• CNNVD编号：CNNVD-200112-247
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2001-1548
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2001-12-31
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  zonelabs
• 漏洞来源：
  Discovered by Tom …

ZoneAlarm 2.1至2.6版本和 ZoneAlarm Pro 2.4至2.6版本存在漏洞。本地用户可以借助与Windows协议适配器一起创建的非标准TCP数据包逃过过滤器。

ZoneAlarm has reportedly released a fix that does not allow for transmission of outbound traffic from non-standard protocol adapters. Currently we do not have information on this fix, however we will update this record when it is available.
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源: BID
名称: 3647
链接:http://www.securityfocus.com/bid/3647

来源: XF
名称: zonealarm-tiny-bypass-filter(7671)
链接:http://www.iss.net/security_center/static/7671.php

来源: BUGTRAQ
名称: 20011206 Re: Flawed outbound packet filtering in various personal firewalls
链接:http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html

来源: BUGTRAQ
名称: 20011205 Flawed outbound packet filtering in various personal firewalls
链接:http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html