Vulnerabilities fixed in ZoneAlarm – again

On 15th April the Japanese Matousec Transparent Security group reported several Insufficient Argument Validation vulnerabilities in Check Point Zone Labs ZoneAlarm. The problem was related to the Vsdatant.sys driver.

ZoneAlarm Pro versions 6.5.737.000 and 6.1.744.001 have been reported as affected. The group said 7.0.302.000 includes a fix, but the latest version is 7.0.337. It appears that the group has a disclosure policy of keeping issues confidential for three months.

According to the advisory “probably all versions of ZoneAlarm products branches 6.x” include this flaw.

Today, in turn, a Local Privilege Escalation vulnerability was reported in Check Point Zone Labs SRESCAN IOCTL by iDefense.

The iDefense advisory states that the version of Srescan.sys installed with Zone Alarm Free is affected.

iDefense Labs informed Zone Labs on 19th Dec ’06 and again on 21st March ’07. The vulnerability mentioned was reported to iDefense (VCP) by Ruben Santamarta of