PT-2005-1221 · Check Point · Zonealarm+2

Published

2005-02-11

Updated

2008-09-05

CVE-2005-0114

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions ZoneAlarm versions prior to 5.5.062.011 ZoneAlarm Wireless versions prior to 5.5.080.000 Check Point Integrity Client versions 4.x prior to 4.5.122.000 Check Point Integrity Client versions 5.x prior to 5.1.556.166

Description The issue arises from improper verification of the ServerPortName argument to the NtConnectPort function, allowing local users to cause a denial of service (system crash) when the software attempts to dereference an invalid pointer.

Recommendations For ZoneAlarm versions prior to 5.5.062.011, update to version 5.5.062.011 or later. For ZoneAlarm Wireless versions prior to 5.5.080.000, update to version 5.5.080.000 or later. For Check Point Integrity Client versions 4.x prior to 4.5.122.000, update to version 4.5.122.000 or later. For Check Point Integrity Client versions 5.x prior to 5.1.556.166, update to version 5.1.556.166 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0114

Affected Products

Check Point Integrity Client

Zonealarm

Zonealarm Wireless

PT-2005-1221 · Check Point · Zonealarm+2

CVE-2005-0114

Related Identifiers

Affected Products

References · 5