[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ZoneAlarm Security Circumvention

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: ZoneAlarm Security Circumvention
From: Ansgar Wiechers <bugtraq@xxxxxxxxxxxxxxxx>
Date: Mon, 8 Mar 2010 22:56:17 +0100

On 2010-03-08 Andrew Barkley wrote:
> The following illustrates how one can easily disable ZoneAlarm's
> security for whatever malevolent purposes. This "vector" so to speak,
> is merely "abusing" a particular branch of the Windows registry, by
> registering this security service as disabled. When "exploiting" this
> "vector" (administrative privileges are assumed

Anything starting with "a user with administrative privileges can ..."
is neither a vulnerability nor a design flaw. Administrators can by
design do anything they want on the system. Period.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

References:
- ZoneAlarm Security Circumvention
  - From: Andrew Barkley

Prev by Date: PlumberCon 10 - Call for Papers
Next by Date: Vulnerability httpdx v1.5.3
Previous by thread: ZoneAlarm Security Circumvention
Next by thread: [ MDVSA-2010:057 ] apache
Index(es):
- Date
- Thread