header-logo
Suggest Exploit
vendor:
ZoneAlarm Firewall
by:
SecurityFocus
7.5
CVSS
HIGH
ZoneAlarm Firewall Port Scanning
N/A
CWE
Product Name: ZoneAlarm Firewall
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

ZoneAlarm Firewall Port Scanning

Certain versions of Zone Labs personal Firewall have a vulnerability which allows malicious users to port scan the firewall without being detected. In particular if the port scan originates from source port 67 on the attacking host the ZoneAlarm fails to register the attack.

Mitigation:

Upgrade to the latest version of ZoneAlarm Firewall.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1137/info

Certain versions of Zone Labs personal Firewall have a vulnerability which allows malicious users to port scan the firewall without being detected. In particular if the port scan originates from source port 67 on the attacking host the ZoneAlarm fails to register the attack.

nmap -g67 -P0 -p130-140 -sU <targethost>

Navigation

Suggest Exploit

Services By CQR