As mentioned at heise-newsticker, a specialized security team of ISS (X-Force) discovered two major flaws in FireWall-1 from Checkpoint. The first issue regards a format string handling error,
and the second concerns the VPN-products, including the VPN-gateway and
the SecuRemote/Secure-clients. The firewall is vulnerable because of a boundary error
in the isakmp processing, when FireWall-1 tries to authenticate a user.
Sending an extremely large "certificate request" message could be used
to execute arbitrary code with the privileges of the isakmp-process,
namely root or SYSTEM.
CheckPoint FireWall-1 Security Breach
Categories:
Tags:
Tag Cloud
Search
August 2009
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 |
Categories
Monthly Archives
- August 2009 (1)
- May 2009 (1)
- February 2009 (1)
- December 2008 (1)
- November 2008 (1)
- October 2008 (2)
- September 2008 (2)
- May 2007 (1)
- April 2007 (1)
- January 2007 (1)
- November 2006 (1)
- July 2006 (1)
- June 2006 (1)
- May 2006 (1)
- February 2006 (1)
- December 2005 (1)
- November 2005 (1)
- October 2005 (1)
- August 2005 (1)
- July 2005 (2)
- May 2005 (1)
- March 2005 (1)
- February 2005 (1)
- January 2005 (1)
- December 2004 (1)
- November 2004 (1)
- October 2004 (2)
- September 2004 (1)
- August 2004 (1)
- June 2004 (4)
- May 2004 (1)
- April 2004 (2)
- March 2004 (4)
- February 2004 (2)
- January 2004 (1)
- December 2003 (1)
- November 2003 (1)
- October 2003 (4)
- September 2003 (5)
- August 2003 (1)
- July 2003 (3)
- June 2003 (4)
- May 2003 (1)
- April 2003 (4)
- March 2003 (3)
- February 2003 (2)
- January 2003 (3)
Leave a comment