Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC
From: Paul Laudanski (zxcastlecops.com)
Date: Thu Sep 29 2005 - 16:41:13 CDT
On 29 Sep 2005 warl0cklinuxmail.org wrote:
> It is issue with almost all the firewalls
> firewalls don't protect the running applications
> themselves.I think i don't get is what does it
> have to do with DDE ?.Also one can read firewall
> ACL from the settings and inject code into the
> running trusted process.
This "exploit" was tested by members at CastleCops and found to be untrue:
Snapshots also provided.
Paul Laudanski, Microsoft MVP Windows-Security
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/