漏洞信息详情

Tiny Personal Firewall出站数据包绕过漏洞

• CNNVD编号：CNNVD-200112-160
• 危害等级： 低危
  
• CVE编号： CVE-2001-1549
• 漏洞类型： 设计错误
• 发布时间： 2001-12-31
• 威胁类型： 本地
• 更新时间： 2005-10-20
• 厂        商： tiny_software
• 漏洞来源： .');">Discovered by Tom ...

漏洞简介

Tiny Personal Firewall 1.0和2.0版本存在漏洞。本地用户借助非标准TCP包创建的非Windows协议适配器从而绕过过滤。

漏洞公告

ZoneAlarm has reportedly released a fix that does not allow for transmission of outbound traffic from non-standard protocol adapters. Currently we do not have information on this fix, however we will update this record when it is available. Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] .

参考网址

来源: BID 名称: 3647 链接:http://www.securityfocus.com/bid/3647 来源: XF 名称: zonealarm-tiny-bypass-filter(7671) 链接:http://www.iss.net/security_center/static/7671.php 来源: BUGTRAQ 名称: 20011205 Flawed outbound packet filtering in various personal firewalls 链接:http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.HTML

受影响实体

• Tiny_software Tiny_personal_firewall:2.0  
• Tiny_software Tiny_personal_firewall:1.0  
• Tiny_software Tiny_personal_firewall:1.0  
• Tiny_software Tiny_personal_firewall:2.0  

补丁

暂无