Flaws uncovered in Check Point firewall software

Two potentially serious flaws have been uncovered in Check Point Software's firewall software that could expose users' corporate networks to attacks and theft of sensitive data.

Both flaws were discovered by security firm Internet Security Systems' (ISS) X-Force team.

ISS' X-Force found a flaw in the HTTP Application Intelligence component of Firewall-1. Application Intelligence is a relatively recent addition to Check Point's Firewall-1 product line and functions as an application proxy between untrusted networks and network servers for the purpose of detecting and preventing potential attacks.

The vulnerabilities also exist within the HTTP Security Server application proxy that ships with all versions of Firewall-1 (including those prior to Application Intelligence releases). The affected components contain several remotely exploitable format string vulnerabilities.

While Check Point has issued a patch for the first of the flaws, in the Application Intelligence Firewall application, it will not be doing so for the latter, as it is an older version that is no longer supported by the company. Check Point said that at least 70 percent of its customers have already migrated to the newer version, and has advised those who have not yet done so to upgrade to protect against the flaw.

Although the flaws in the software are potentially very damaging if exploited, writing code that would successfully exploit them is not easy, so the chances of users being affected are minimal. Both Check Point and ISS are nonetheless advising affected users to plug the holes immediately.
