TechTarget

ISS warns of holes in Check Point software

Internet Security System (ISS) has warned of critical vulnerabilities in Check Point Software Technologies' Check Point...

Internet Security System (ISS) has warned of critical vulnerabilities in Check Point Software Technologies' Check Point Firewall-1, Check Point VPN-1 Server, SecuRemote and SecureClient VPN (virtual private network) clients.

The first vulnerability is related to a flaw in the HTTP Security Server application proxy shiping with all versions of Firewall-1 which allows remote attackers to modify or tamper with the firewall rules and configuration.

A second flaw within the ISKMAP processing for VPN-1 Server, SecuRemote and SecureClient allows a remote attacker to compromise the security of any VPN-1 server or client running SecuRemote and SecureClient.

Check Point no longer supports the versions of VPN-1 and SecureRemote/SecureClient affected by this vulnerability. Check Point recommended users upgrade to Firewall-1 NG FP1 or greater.

Sumner Lemon writes for IDG News Service

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close