Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1373

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1373
Last Modified 05 Sep 2008 04:26:23
Published 18 Jul 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1373

Summary

MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.

Vulnerable Systems

Application

  • Zonelabs Zonealarm 2.1

  • Zonelabs Zonealarm 2.2

  • Zonelabs Zonealarm 2.3

  • Zonelabs Zonealarm 2.4

  • Zonelabs Zonealarm 2.5

  • Zonelabs Zonealarm 2.6


References

XF - zonealarm-bypass-mailsafe(6877)

CONFIRM - http://www.zonelabs.com/products/zap/rel_history.html#2.6.362

BID - 3055

BUGTRAQ - 20010718 ZoneAlarm Pro


Last Updated: 27 May 2016 10:36:38