Jetico v2 and ZA DDE-IPC flaw?

Discussion in 'other firewalls' started by steely, Sep 5, 2006.

Thread Status:
Not open for further replies.
  1. steely

    steely Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    12
  2. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    The DDE-IPC can be prevented in paid ZA versions pre 6.0 by enabling advance program control (not on by deafult). Versions 6.0 and above will be protected from this vulnerbility by OSFirewall which is on by default. So some will argue that its not really a vulnerbility (not considering free version users), just a matter of having the right setting if using pre 6.0.
     
  3. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Jetico V2 intercepts this:-
     

    Attached Files:

  4. steely

    steely Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    12
    Thanks, Stem. Have you tested the zabypass?
     
  5. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Jetico V2 is not intercepting the actual Leaktest.
     
    Last edited: Sep 7, 2006
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Update,.. Jetico V2 is now intercepting this attempted bypass:-
     

    Attached Files:

  7. steely

    steely Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    12
    Good to hear that, Thanks Stem.
     
  8. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Yep, if the 'internal access' feature in Jetico v2 is finished it _should_ intercept 100% of the _normal_ bypass attempts.
     
Loading...
Thread Status:
Not open for further replies.