Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Security App Flaws :: hack3911.htm

ZoneAlarm Pro Unsecure file permission
Unsecure file permission of ZoneAlarm pro.

Hello list,

Zone Alarm stores its config. files in %windir%\Internet Logs\* . But strangely, 

ZoneAlarm sets the folder/file permission (NTFS) of %windir%\Internet Logs\* to,


after its first started.

Even If you try to change the permission to...

Administrator (s): full

system: full

users: read and execute

[these are the default permissions] 

Strangely, the permission again changes back to... EVERYONE: Full each time 

ZoneAlarm Pro (ZAP) is started. I've tested these in zap 4.x and 5.x

	This could prove harmful if we have a malicious program/user running with 

even with a user privilege on the system.

Well a malicious program could modify those config file in a way ZAP will stop 

functioning. This is what ZoneLabs had to say...


>anyone could open any ZoneAlarm file 

> (assuming it isn't locked), edit it with a hexeditor and 

> cause it to stop functioning. This type of modification 

> wouldn't be classified as an attack, as you have simply 

> modified the file and caused it to not function as expected. 

> This is true of any executable or other binary.



yap, true... but shouldn’t ZAP have some protection against such attacks? instead 

of leaving the permission to " EVERYONE: Full " I wonder if a program could bypass 

ZAP filters using "safePrograms*.xml" [...experimenting]

anyone wanna take this thing to a new level, please go on...


Bipin Gautam 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH