Home
Topics
IT management
IT strategy
ISS warns of holes in Check Point software

News

ISS warns of holes in Check Point software

Internet Security System (ISS) has warned of critical vulnerabilities in Check Point Software Technologies' Check Point Firewall-1, Check Point VPN-1 Server, SecuRemote and SecureClient VPN (virtual private network) clients.

The first vulnerability is related to a flaw in the HTTP Security Server application proxy shiping with all versions of Firewall-1 which allows remote attackers to modify or tamper with the firewall rules and configuration.

A second flaw within the ISKMAP processing for VPN-1 Server, SecuRemote and SecureClient allows a remote attacker to compromise the security of any VPN-1 server or client running SecuRemote and SecureClient.

Check Point no longer supports the versions of VPN-1 and SecureRemote/SecureClient affected by this vulnerability. Check Point recommended users upgrade to Firewall-1 NG FP1 or greater.

Sumner Lemon writes for IDG News Service

Related Topics: IT strategy, IT architecture, VIEW ALL TOPICS

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Read More

Related content from ComputerWeekly.com
RELATED CONTENT FROM THE TECHTARGET NETWORK

COMMENTS powered by Disqus // Commenting policy

More from Related TechTarget Sites

CIO
Security
Networking
Data Center
Data Management

CIO
- Amid school budget cuts, CIO combines cost savings with innovation
  
  Amid budget cuts, a Florida school district CIO earns high marks for innovations that shore up and improve IT while saving money.
- Students-first mentality drives IT innovation at Athabasca University
  
  CIO Brian Stewart put students first in an overhaul of IT systems at Athabasca University. Read more about this IT Leadership Awards finalist.
- Consistent cybersecurity training a must to meet evolving threats
  
  In this week's Searchlight: bold new threats highlight need for cybersecuity training, why big data requires soft skills, cloud confusion and more.
Security
- Information Sharing and Analysis Centers: Getting started with ISACs
  
  Joe Granneman explains how ISACs enable cybersecurity information sharing and the basic requirements for joining an ISAC.
- Using EMET to harden Windows XP and other legacy applications
  
  Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications.
- Zed Attack Proxy tutorial: Uncover Web app vulnerabilities using ZAP
  
  Video: Keith Barker of CBT Nuggets offers a OWASP Zed Attack Proxy tutorial. Learn how to find and nullify Web application vulnerabilities using ZAP.
Networking
- Troubleshooting network problems with good governance and design
  
  Packet loss, oversubscription, unpatched and inconsistent switch software still plague enterprise networks. Find out how engineers are fighting back.
- Networking blogs: Overlay Transport Virtualization, SDDC practicality
  
  In this week's networking roundup, bloggers advise how to use Overlay Transport Virtualization and discuss what's needed for a mature SDDC.
- Q&A: Why WLAN test tools should evolve quickly -- but likely won't
  
  Network consultant Peter Welcher talked to SearchNetworking about the evolution of WLAN test tools as more businesses look to wireless networks.
Data Center
- Data center technologies evolve to meet tomorrow's computing demands
  
  VMware's upcoming public cloud and AMD's 64-bit ARM servers are technologies for the data center that exemplify the changes in the IT industry.
- New data center cooling strategies to improve efficiency, lower costs
  
  Stagnant strategies for data center cooling will keep energy bills climbing ever higher, but a more modern approach can bring them back down to earth.
- Converged systems usher in data center transformation
  
  The rise of converged systems has brought a new level of manageability to the data center, but these integrated offerings have a few drawbacks.
Data Management
- New BI stack tackles data load at Boston Children's Hospital
  
  Boston Children's Hospital upgraded its business intelligence architecture to boost enterprise reporting, a move that also required retraining users.
- Expanded Hadoop use cases will drive need for new enterprise features
  
  With user interest rising, Hadoop vendors are trying to pave a path to higher adoption with add-ons that target issues holding the technology back.
- Jim Goodnight on SAS in-memory analytics and the data scientist
  
  A podcast Q&A with SAS execs Jim Goodnight and Jim Davis looks at big data enablers, including in-memory analytics, and the role of data scientists.

All Rights Reserved,Copyright 2000 - 2013, TechTarget