NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Check Point RDP bypass vulnerability



Hi,

We are using FW-1 Ver 4.0, does anyone know if this
vulnerability affects ver 4.0?


Cheers,
Ivan

--- [email protected] wrote:
> 
> I haven't seen this show up on the list yet so I
> thought I'd send it through. It's probably cue'd up
> right now and we'll see a deluge of these anytime.
> Anyhow....
> 
> Inside Security GmbH has discovered a vulnerability
> in CP FW-1 that will allow UDP packets with a fake
> RDP header to be forwarded to an internal host on
> port 259.
> 
> Here's the links:
> 
> Original Buqtraq post:
>
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26start%3D2001-07-08%26mid%3D195620%26fromthread%3D0%26threads%3D0%26end%3D2001-07-14%26
> 
> CERT advisory:
> http://www.cert.org/advisories/CA-2001-17.html
> 
> Inside Security GmbH advisory (same as Bugtraq):
>
http://www.inside-security.de/advisories/fw1_rdp.html
> 
> Check Point's response with hotfixes:
>
http://www.checkpoint.com/techsupport/alerts/rdp.html
> 
> The advisory said proof of concept code will be
> released in a couple of days so let's see everyone
> patch this up before someone puts together a trojan
> that uses this vulnerability.
> 
> Regards,
> Jason Stout 
> 
> 
> 
> 
>
================================================================================
>      To unsubscribe from this mailing list, please
> see the instructions at
>               
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
> 


_______________________________________________________
Do You Yahoo!?
Get your free @yahoo.ca address at http://mail.yahoo.ca


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.