PGPFire Desktop Firewall ICMP Fingerprinting Vulnerability

PGPfire is a desktop firewall solution distributed and maintained by PGP Security. It is available for Microsoft Windows operating systems.

When PGPfire is installed on a system, the software replaces the default Windows TCP stack with a version supplied in the PGPfire package. In doing so, it makes it easier to identify the operating system of the host. This is due to the fact that the altered TCP stack produces responses uncharacteristic of any other operating system.

This could allow a remote user to fingerprint and identify sensitive information systems, and could result in an organized attack against sensitive resources.


Privacy Statement
Copyright 2010, SecurityFocus