 |
Check Point�s update services protect customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, R61, R60, VSX NGX R65, InterSpect NGX, IPS-1, and IPS-1 NGX R65 from the following vulnerabilities:
 Multiple Microsoft DNS Server Cache Spoofing Vulnerabilities (MS09-008)
Industry References: CVE-2009-0233, CVE-2009-0234.
Multiple spoofing vulnerabilities have been reported in Windows DNS server. These vulnerabilities could allow a remote attacker to spoof responses and insert records into the DNS server's cache. The DNS caching resolver service saves the responses to DNS queries so that the DNS server is not repeatedly queried for the same information. A remote attacker may exploit these issues to create DNS cache poisoning. SmartDefense Services protection will detect and block multiple requests with the same domain name sent to the vulnerable server.
Protections are available immediately for these vulnerabilities. See CPAI-2009-036.
Check Point�s update services protect customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, R61, R60, VSX NGX R65, and InterSpect NGX from the following vulnerabilities:
Microsoft DNS Server WPAD Registration Spoofing Vulnerability (MS09-008)Industry Reference: CVE-2009-0093.
A Web Proxy Auto-Discovery (WPAD) registration spoofing vulnerability has been reported in Microsoft DNS servers. WPAD feature enables web clients to automatically detect proxy settings without user intervention. DNS Spoofing allows an attacker to change a DNS entry so it would point to an IP of his own choice. This vulnerability could allow a remote attacker to spoof a web proxy, thereby redirecting Internet traffic from legitimate locations. SmartDefense Services protection will detect and block attempts to register vulnerable names in the DNS database.
Protections are available immediately for this vulnerability. See CPAI-2009-032.
Microsoft WINS Server WPAD Registration Spoofing Vulnerability (MS09-008)Industry Reference: CVE-2009-0094.
A Web Proxy Auto-Discovery (WPAD) registration spoofing vulnerability has been reported in Microsoft WINS servers. WPAD feature enables web clients to automatically detect proxy settings without user intervention. Spoofing allows an attacker to change a server entry so it would point to an IP of his own choice. This vulnerability could allow a remote attacker to spoof a web proxy, thereby redirecting Internet traffic from legitimate locations. SmartDefense Services protection will detect and block attempts to register vulnerable names in the WINS database.
Protections are available immediately for this vulnerability. See CPAI-2009-034.
Microsoft Windows Security Support Provider SChannel Spoofing Vulnerability (MS09-007)Industry Reference: CVE-2009-0085.
A spoofing vulnerability has been reported in the Microsoft Windows Security Support Provider (SSP) SChannel authentication component when using certificate based authentication. SSP is a dynamic-link library (DLL) that implements a common interface between transport-level applications and security providers by making one or more security packages available to applications. Security packages support security protocols such as Kerberos authentication and Secure Channel (SChannel) authentication. A remote attacker may exploit this vulnerability to authenticate against a protected server, despite not having access to the authorized user's private key, which is normally required for successful authentication when the server is configured to require client authentication. SmartDefense Services protection will detect and block attempts to exploit the spoofing vulnerability.
Protections are available immediately for this vulnerability. See CPAI-2009-038.
Check Point�s update services protect customers using the IPS Software Blade for Security Gateway R70 from the following vulnerabilities:
Microsoft Windows Kernel Input Validation Remote Code Execution Vulnerability (MS09-006)Industry Reference: CVE-2009-0081.
A remote code execution vulnerability has been discovered in the Windows kernel. The Windows kernel is the core of the operating system. It provides system level services, allocates processor time to processes, and manages error handling. This vulnerability is caused by the improper validation of input passed from user mode through the kernel component of the graphics device interface (GDI). Successful exploitation of this vulnerability may allow execution of arbitrary code on an affected system. SmartDefense Services protection will detect and block the transferring of malformed EMF files over HTTP.
Protections are available immediately for this vulnerability. See CPAI-2009-040.
| March 10, 2009
 | You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003�2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|