Educause Security Discussion mailing list archives

urgent: CheckPoint firewall critical vulnerability


From: REN-ISAC <dodpears () INDIANA EDU>
Date: Wed, 4 Feb 2004 20:35:39 -0500

ISS X-Force has discovered a flaw in the HTTP Security Server component of the CheckPoint FireWall-1. As of Wednesday 
2/4 2000 EST, public reports from ISS and Checkpoint differ in regard to the extent and criticality of the 
vulnerability. ISS reports that a remote unauthenticated attacker may be able to exploit the vulnerability to execute 
commands under superuser context - LEADING TO DIRECT COMPROMISE OF THE FIREWALL. ISS also reports that unsupported 
pre-NG versions of the software have a similar flaw.

Information regarding the vulnerability and patches is available at:
http://www.checkpoint.com/techsupport/alerts/index.html.

Additional IN-DEPTH information is available at ISS XFORCE:

Checkpoint Firewall-1 HTTP Parsing Format String Vulnerabilities (NG)
http://xforce.iss.net/xforce/alerts/id/162

Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow (pre-NG)
http://xforce.iss.net/xforce/alerts/id/163


CVE Candidate numbers are:
CAN-2004-0039 (for NG version), and
CAN-2004-0040 (for pre-NG version).


Doug Pearson
REN-ISAC
24x7 Watch Desk: +1(317)278-6630
http://www.ren-isac.net
PGP: http://mypage.iu.edu/~dodpears/dodpears_pubkey.asc

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
