Check Point�s IPS protects customers using the IPS Software Blade for Security Gateway R70, VPN-1� NGX R65, R62, VSX NGX R65, IPS-1, and IPS-1 NGX R65 from the following zero-day vulnerability:

Microsoft IIS WebDAV Extension URL Decoding Security Bypass Vulnerability

Industry Reference: CVE-2009-1535.

An elevation of privilege vulnerability has been reported in the Microsoft Windows WebDAV extension for IIS. Web Distributed Authoring and Versioning (WebDAV) is a set of extensions for HTTP that allow clients to publish, lock, and manage resources on the Web. A remote attacker may exploit this vulnerability to gain unauthorized access to protected resources. This protection will detect and block WebDAV requests attempting to exploit this vulnerability.

Protections are available immediately for this vulnerability. See CPAI-2009-130.

May 19, 2009

You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe

As always, please feel free to contact us directly if you have any comments or questions.

Read Check Point's Privacy Policy
©2003?2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065