Check Point Firewall security scare
Results 1 to 2 of 2

Thread: Check Point Firewall security scare

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324

    Check Point Firewall security scare

    Didn't see this posted yet.

    Fix available. Get it

    By INQUIRER staff: Thursday 29 January 2004, 11:38

    HIGHLY CRITICAL errors in popular firewall software from Check Point need filling quick, according to a security bulletin from Secunia.
    The alert service said there are hotfixes available for Check Point's FireWall-1 NG with AI, and the Achilles' Hell is in the implementation of the H.323 protocol.

    Check Point has acknowledged the problems, said Secunia, which can cause denial of service attacks or system access from default port 1720/tcp.
    http://www.theinquirer.net/?article=13881

    H.323 Vulnerability

    26 January 2004

    A recent NISCC advisory reveals vulnerabilities in H.323 equipment including GateKeepers, endpoints (phones, softphones, video cameras, etc.), and firewalls that enforce H.323 security.

    In order to protect FireWall-1 against the attacks described in this advisory, Check Point recommends that customers install an update on all enforcement modules.

    The update is available for Software Subscription customers from the links below. Check Point also encourages you to contact your H.323 equipment vendors (especially GateKeeper) for any related updates.
    http://www.checkpoint.com/techsupport/alerts/h323.html
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  2. #2
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397

    Flaw in the protocol

    The flaw seems to be in the H.323 protocol itself:

    Original release date: January 13, 2004
    Last revised: January 15, 2004
    Source: CERT/CC, NISCC

    A complete revision history can be found at the end of this file.

    Systems Affected

    Many software and hardware systems that implement the H.323 protocol
    Examples include:

    * Voice over Internet Protocol (VoIP) devices and software
    * Video conferencing equipment and software
    * Session Initiation Protocol (SIP) devices and software
    * Media Gateway Control Protocol (MGCP) devices and software
    * Other networking equipment that may process H.323 traffic (e.g., routers and firewalls)

    Overview

    A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocol H.323. Voice over Internet Protocol (VoIP) and video conferencing equipment and software can use these protocols to communicate over a variety of computer networks.
    Get the full writeup on CERT's website

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •