First published: Sat Dec 31 2005(Updated: )
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Alarm | <=7.0.337.0 | |
ZoneAlarm Security Suite | =5.5.062.004 | |
ZoneAlarm Security Suite | =6.5.737 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-2932 is considered a high severity vulnerability due to the potential for local users to gain privileges.
To fix CVE-2005-2932, update the affected Check Point Zone Labs ZoneAlarm products to version 7.0.362 or later.
CVE-2005-2932 affects multiple ZoneAlarm products including Security Suite versions 5.5.062.004 and 6.5.737, as well as versions prior to 7.0.362.
CVE-2005-2932 allows local users to bypass security controls or escalate their privileges due to insecure default permissions.
Yes, CVE-2005-2932 is relatively easy to exploit for local users familiar with the environment.