spy1
April 9th, 2002, 03:17 PM
http://online.securityfocus.com/bid/4407
The MailSafe function in ZoneAlarm, one of the most widely-used firewalls,
allows content filtering and the blocking of certain files according to the
parameters established. One of the most usual practices is to block all
executable files, mainly '.exe' files. However, an attacker (or a worm
created specially for the purpose) could breach this protection layer if a
dot ('.') is included after the full file name. So the file
"malicious_file.exe" would not be blocked if it appeared as follows:
"malicious_file.exe.".
ZoneLabs has now corrected this problem which affected versions prior to
3.0.118. To update the product adequately and correct the vulnerability, go
to the "Check for Update" option in ZoneAlarm.
The MailSafe function in ZoneAlarm, one of the most widely-used firewalls,
allows content filtering and the blocking of certain files according to the
parameters established. One of the most usual practices is to block all
executable files, mainly '.exe' files. However, an attacker (or a worm
created specially for the purpose) could breach this protection layer if a
dot ('.') is included after the full file name. So the file
"malicious_file.exe" would not be blocked if it appeared as follows:
"malicious_file.exe.".
ZoneLabs has now corrected this problem which affected versions prior to
3.0.118. To update the product adequately and correct the vulnerability, go
to the "Check for Update" option in ZoneAlarm.