nanog mailing list archives
RE: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
From: Chris Brenton <cbrenton () chrisbrenton org>
Date: Fri, 06 Feb 2004 13:19:08 -0500
On Fri, 2004-02-06 at 09:43, McBurnett, Jim wrote:
If I was a real hacker, and I found the problem, might I also know the fix? And if I was really nice, would I give that fix to the vendor? Or could it be that a former Checkpoint employee is now an ISS employee? Or .....?
In my experience, CP does not exactly have the best track record for fixing problems. When I've informed them of vulnerabilities in the past I've heard everything from "Well you would not have that problem if you used the product the way it was intended" (remote overflow), to "we'll fix that problem in the service release coming out 3 months from now (DoS script kiddies were using against multiple sites, tool in the wild). Some vendors are slow no matter what you do. :( C
Current thread:
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1, (continued)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Rubens Kuhl Jr. (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Crist Clark (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Steven M. Bellovin (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Rubens Kuhl Jr. (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Valdis . Kletnieks (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Stephen Stuart (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Randy Bush (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Laurence F. Sheldon, Jr. (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Valdis . Kletnieks (Feb 05)
- Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Rubens Kuhl Jr. (Feb 05)
- RE: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1 Chris Brenton (Feb 06)