✦ LIBER ✦

Opinion: The financial sector's move to open source security products

✍ Scribed by Jan Hichert

Publisher: Elsevier Science
Year: 2004
Tongue: English
Weight: 87 KB
Volume: 2004
Category: Article
ISSN: 1353-4858
DOI: 10.1016/s1353-4858(04)00056-x

No coin nor oath required. For personal study only.

✦ Synopsis

ZoneAlarm SMTP Processing Buffer Overflow

A number of private users and some businesses could be affected by a flaw in the SMTP processing system in the ZoneAlarm firewall, which can be exploited when ZoneAlarm is configured to protect an SMTP service. It is possible for hackers to construct an email with a maliciously crafted "RCPT TO:" header, which can trigger a buffer overflow vulnerability when the mail is replied to.

This flaw can also be exploited by local users to elevate their privileges to Local SYSTEM.