ZoneAlarm Pro Configuration File/Directory Permission Weakness DoS

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

This host is running a firewall with a denial of service vulnerability.

Description :

This host is running a version of ZoneAlarm Pro that contains a flaw which may
allow a local denial of service. To exploit this flaw, an attacker would need
to tamper with the files located in %windir%/Internet Logs. An attacker may
modify them and prevent ZoneAlarm from starting up properly.

See also :

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html

Solution :

Upgrade to the latest version of this software.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)

Family: Firewalls

Nessus Plugin ID: 14726 ()

Bugtraq ID:

CVE ID: CVE-2004-2713