ZoneAlarm 2.1至2.6版本和 ZoneAlarm Pro 2.4至2.6版本存在漏洞。本地用户可以借助与Windows协议适配器一起创建的非标准TCP数据包逃过过滤器。
ZoneAlarm has reportedly released a fix that does not allow for transmission of outbound traffic from non-standard protocol adapters. Currently we do not have information on this fix, however we will update this record when it is available. Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
ZoneAlarm contains a flaw that may allow a remote attacker to bypass the firewall's access control filtering mechanism. The problem is that the application fails to inspect and block outbound packets generated by alternate protocol stacks, which may allow a remote attacker to bypass outbound filterings by using non-standard TCP packets created with non-Windows protocol adapters resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.