[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Check Point RDP bypass vulnerability
I haven't seen this show up on the list yet so I thought I'd send it through. It's probably cue'd up right now and we'll see a deluge of these anytime. Anyhow.... Inside Security GmbH has discovered a vulnerability in CP FW-1 that will allow UDP packets with a fake RDP header to be forwarded to an internal host on port 259. Here's the links: Original Buqtraq post: http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26start%3D2001-07-08%26mid%3D195620%26fromthread%3D0%26threads%3D0%26end%3D2001-07-14%26 CERT advisory: http://www.cert.org/advisories/CA-2001-17.html Inside Security GmbH advisory (same as Bugtraq): http://www.inside-security.de/advisories/fw1_rdp.html Check Point's response with hotfixes: http://www.checkpoint.com/techsupport/alerts/rdp.html The advisory said proof of concept code will be released in a couple of days so let's see everyone patch this up before someone puts together a trojan that uses this vulnerability. Regards, Jason Stout ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|