|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-disclosure] Re: Bypassing Personal Firewall (Zone Alarm Pro) Using DDE-IPC
From: Paul Laudanski (zx
castlecops.com)
Date: Thu Sep 29 2005 - 16:41:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 29 Sep 2005 warl0cklinuxmail.org wrote:
> It is issue with almost all the firewalls
> firewalls don't protect the running applications
> themselves.I think i don't get is what does it
> have to do with DDE ?.Also one can read firewall
> ACL from the settings and inject code into the
> running trusted process.
This "exploit" was tested by members at CastleCops and found to be untrue:
http://castlecops.com/postlite134369-.html
Snapshots also provided.
--
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]