Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Security App Flaws :: win5230.htm

ZoneAlarm - vulnerability allowing bypass of ZoneAlarm's e-mail protection system MailSafe
3rd Apr 2002 [SBWID-5230]

	vulnerability allowing bypass of ZoneAlarm\'s e-mail  protection  system


	ZoneAlarm 3.0 MailSafe


	Edvice   Security   Services   []    found
	following regarding MailSafe, email protection module for  ZoneAlarm,  a
	personal firewall.

	It is possible to bypass ZoneAlarm Email Protection by appending  a  dot
	to the file name extension (e.g. malicious.exe becomes  malicious.exe.).
	The dot changes the file name extension and MailSafe  fails  to  compare
	it with known dangerous extensions. The MS-Windows operating  system  on
	the other hand disregards a dot at the end of a file name. When  Windows
	is given a file name ending with a dot,  it  will  automatically  remove
	the dot from the file name extension. When Outlook  or  Outlook  Express
	receives a file name that ends with a dot, it will present the dot,  but
	will   launch   the   appropriate   application   when   the   file   is
	double-clicked, as if the dot does not exist.


	Fix v3.0.118 is available from ZoneLabs []

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH