Re: Bypassing Personal Firewalls

From: Seth Knox (seth.knoxat_private)
Date: Fri Feb 21 2003 - 17:46:41 PST

                              Sygate Security Response
    
    
    Sygate was made aware of an exposure in Sygate Personal Firewall and
    Sygate Security Agent on 2/21/2003 by way of the vuln-dev mailing list in
    a post by xenophi1e (oliver.laveryat_private).
    
    Sygate Security Bulletin ID
    ----------------------------
    SS20030221-0001
    
    
    Description
    ------------
    
    The reporter of the vulnerability described a problem in Sygate Personal 
    Firewall Pro, ZoneAlarm Pro 3.5, Zero-Knowledge Freedom Firewall, 
    LooknStop 2.04, and Norton Personal Firewall 2003.  The reporter of the 
    vulnerability described a problem in which an attacker can bypass a personal
    firewall and possibly perform malicious actions.
    
    
    Impact of this vulnerability
    -----------------------------
    
    Only versions prior to build 1175 (available 1/29/2003) of Sygate Personal 
    Firewall are impacted by this vulnerability.
    
    Only versions prior to build 1152 (available 10/22/2002) of Sygate Security 
    Agent Maintenance Release 1 are impacted by this vulnerability.
    
    Sygate Personal Firewall and Sygate Security Agent prevent a program from 
    creating a new thread within the address space of Sygate Personal Firewall 
    or Sygate Security Agent and therefore prevent a thread from being created
    to execute malicious code.
    
    
    Affected software
    -----------------
    
    * Sygate Personal Firewall Pro 5.0 	
    * Sygate Personal Firewall 5.0
    * Sygate Security Agent
    
    
    Vulnerability resolution
    ------------------------
    
    Sygate Personal Firewall users running a Build prior to 1175 should download
    the latest version, available at:
    
    http://soho.sygate.com/free/default.php
    
    Sygate Security Agent users should contact their Sygate Enterprise Support 
    Representative for the latest update.
    
    In conformance with RFPolicy, Sygate has a securityat_private email
    address and encourages the security research community to utilize it when
    reporting exposures in Sygate products.
    
    Regards,
    
    Seth Knox
    Product Manager
    Sygate Technologies
    


