New Vulnerability in ZA 6?

Discussion in 'other firewalls' started by fax, Mar 9, 2006.

Thread Status:
Not open for further replies.
  1. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
  2. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I wonder if this just affects ZA, were other firewalls tested for this? Anybody know?

    Never mind it seems to affect True vector which would only affect ZA. That could be good, TV is the source of most problems with ZA's memory leaks, so perhaps ZL will HAVE to adress it now.
     
  3. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    there is a security flaw effecting every single firewall known dont remember the name
     
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    All I can say is WOW, that company can't even make an official statement with out screwing it up. The severity level at the top says high, two or three lines later they classify it as low. lol.


    Severity: High (Top of Statement)


    Severity: (Two lines later)
    Low

    They classify it as not remotely exploitable, then they say in order for it to work, the machine has to have been hacked with a trojan and the code placed on the system or social engineering, which sounds a lot like it may be remotely exploitable. To me, that says something about the quality control over there.

    Now imagine what their code looks like.
     
    Last edited: Mar 10, 2006
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,
    If it's no remotely exploitable, it means you must download stuff to your PC and execute it. So, it's nothing special.
    Mrk
     
  7. ned kelly

    ned kelly Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    14
    You are confusing the 2 classifications
    The low classifacation is for the likelyhood of anyone actually getting damaged by the exploit.

    The High classification is for importance and speed they will apply to patching the exploit.
     
  8. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Yes, perhaps I did misunderstand, but they should also provide a more clear officail announcement format, nowhere on the announcement does it explain that and both instances are titled Severity.

    I also feel that the True Vector engine is the source of a majority of the problems with ZL products and needs to be re-written instead of just patched. It already has several memory leaks and would seriously reduce their support calls with a leaner, more straight forward approach. Sorry for misunderstanding their format. I was just venting some pent up frustration from dealing with their products from version 2 days and finally giving up with the early version 6 fiasco of a firewall they released.
     
    Last edited: Mar 10, 2006
  9. ned kelly

    ned kelly Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    14
    I agree with you 100%, it is very frustrating and i also think ZA 4.5 was the best. It just seems to me that firewalls are trying to be an all in one now and are not doing to well at it.

    PS: No need to say sorry..:-*
     
    Last edited by a moderator: Mar 11, 2006
  10. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Everything is becoming a all-in-one product. Firewalls, antiviruses, anti-tojans and antispyware. Companies need to do this in order to remain competitive otherwise they will loose out since these days, many computer users(especially those who aren't pros) find that its easier and cheaper to buy a all-in-one product.
     
Loading...
Thread Status:
Not open for further replies.