[34529] in bugtraq
ZA Security Hole
daemon@ATHENA.MIT.EDU (Damjan Kreft)
Thu Apr 15 20:01:53 2004
Message-ID: <000d01c42261$552cfbc0$0100a8c0@BlueBox>
From: "Damjan Kreft" <damjan.kreft@siol.net>
To: <bugtraq@securityfocus.com>
Date: Wed, 14 Apr 2004 22:44:50 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 8bit
Hello!
I think, I discover some kind of security hole in ZoneAlaram - any version.
The problem is hidding in E-mail Protection. Because I'm form Slovenia (not
Slovakia), our alphabet does have some letters with roof (c - è, s - ¹, z -
¾). And when the name of e-mail attachment contain any of these three
letters, it don't go to the qurarantine (if the attachment do have right
extension of course). I think that can be security threat. From this reason
I write to you. If this is mistake, I'm sorry to steal your time with this
e-mail. And sorry for my bad english :)
I write to ZA Labs too, but no answer.
Greets, Damjan
_____________ NOD32 Information _____________
This message was checked by NOD32 antivirus system.
http://www.nod32.com
__________________________________________
