Results 1 to 4 of 4

Thread: ZoneAlarm vulnerable to to zapass.exe code injection?

  1. #1
    pelican Guest

    Default ZoneAlarm vulnerable to to zapass.exe code injection?

    Hello,I downloaded zapass.exe today to test zone alarm. This test program 'creates an implant' into an active program. I chose internet explorer. zapass was able to create an implant in internet explorer and download a copy of the google homepage to my root directory on c; without my permission.The worst part is that I am so careful with my settings that I have internet explorer set-up to 'ask' for permission in ALL the columns in the program control window. Internet explorer cannot access the internet without my permission. Yet, running zapass.exe not only accesses the internet without my permission, it downloads a file to my harddrive. This is very disconcerting and worrisome.please let me know if you have tested za against zapass.exe. Have I just witnessed a massive deficiency in the security of za or is there something I should be doing differently in my settings?thanks,verbin

    Message Edited by Forum-Moderator on 07-08-2009 11:43 AM

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: ZoneAlarm vulnerable to to zapass.exe code injection?


    <BLOCKQUOTE><HR>pelican wrote:
    please let me know if you have tested za against zapass.exe.
    <HR></BLOCKQUOTE>Yes, and ZA has no problem with it. This is since version 7 around two years ago?Are you running ZA free? ZA free is missing program control components to protect from the leak test.Cheers,Fax

    Message Edited by Forum-Moderator on 07-08-2009 11:43 AM

    Message Edited by fax on 07-08-2009 08:55 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    pelican Guest

    Default Re: ZoneAlarm vulnerable to to zapass.exe code injection?

    I am running ZA Security Suite not ZA Free. With the default settings my ZA did not stop zapass.exe. But once I enabled the component control setting (where you can see the component list) ZA sent a message that a component of Internet Explorer wanted to access the internet when zapass.exe launched, so I could stop it.
    Perhaps the initial bypass of ZA by zapass.exe happened because of the way I installed ZA.

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: ZoneAlarm vulnerable to to zapass.exe code injection?

    Hi!probably program controlwason autolearn. It should be set to maximum for testing.I don't think you need to have component control active to pass it.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •