CheckPoint has urged customers of its firewall and virtual private network products to patch their systems or upgrade software, after critical vulnerabilities and exploits were discovered by a security watch company.
The flaws could allow attackers to enter networks and crash computers, Internet Security Systems said in a critical alert. The seriousness of these vulnerabilities lies in the fact that security software, firewalls and intrusion detection systems are intended to defend against intruders.
Niall Moynihan, northern European technical director for CheckPoint, says that to the company`s knowledge, "no customer has been affected by either of the two security issues".
The low-down
The FireWall-1 HTTP parsing format string vulnerabilities affect HTTP security servers on NG versions, while the VPN-1, SecuRemote and SecureClient ISAKMP Buffer Overflow affects VPN servers and clients on pre-NG FP2 versions, including v 4.1, Moynihan says.
In order to protect FireWall-1 customers, CheckPoint recommends that all customers apply a change to a configuration file on the enforcement modules that will solve the problem. Information about where to download the update is available at the Alerts section of CheckPoint Technical Services` "Public Support" site.
The ISAKMPD buffer overflow issue can be resolved by upgrading products to the latest release of CheckPoint NG FP2 or later. "Customers who cannot upgrade should contact CheckPoint Technical Services or their CheckPoint partner for assistance, at which time a fix will be made available."
Customers who are running an earlier version of VPN-1 and SecuRemote/SecureClient 4.1 prior to SP6 and cannot upgrade to SP6 should contact CheckPoint Professional Services for assistance. "It is very important that customers continuously keep their security infrastructure updated," Moynihan cautions.
Local perspective
Gary Middleton, GM for Dimension Data Security, says DiData accounts for 50% of CheckPoint`s South African business, with 120 installations supporting "many thousands of users". DiData is alerting customers to the vulnerabilities and customers` patching or upgrade needs.
Middleton says about 60% of firewall customers have the VPN portion, either standalone as VPN-1, or included free of charge in the new FireWall-1.
Share