[40544] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Fri Sep 30 16:19:47 2005

Date: Thu, 29 Sep 2005 17:41:13 -0400 (EDT)
From: Paul Laudanski <zx@castlecops.com>
To: warl0ck@linuxmail.org
Cc: bugtraq@securityfocus.com, <full-disclosure@lists.grok.org.uk>
In-Reply-To: <20050929041523.32182.qmail@securityfocus.com>
Message-ID: <Pine.LNX.4.44.0509291739390.20199-100000@bugsbunny.castlecops.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On 29 Sep 2005 warl0ck@linuxmail.org wrote:

> It is issue with almost all the firewalls
> firewalls don't protect the running applications
> themselves.I think i don't get is what does it
> have to do with DDE ?.Also one can read firewall
> ACL from the settings and inject code into the
> running trusted process.

This "exploit" was tested by members at CastleCops and found to be untrue:

http://castlecops.com/postlite134369-.html

Snapshots also provided.

-- 
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40544] in bugtraq

Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC

daemon@ATHENA.MIT.EDU (Paul Laudanski)Fri Sep 30 16:19:47 2005

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Fri Sep 30 16:19:47 2005