SmartDefense Security Advisory

Check Point's IPS update services protect customers using the IPS Software Blade for Security Gateway R70, VPN-1 NGX R65, and VSX NGX R65 from the following vulnerabilities:



Sun Solaris sadmind RPC Request Integer Overflow Vulnerability

Industry Reference: CVE-2008-3870.

An integer overflow vulnerability was reported in the sadmind service within the Sun Solaris operating system. sadmind is a daemon used to control servers running the Sun Solaris operating system. The vulnerability is triggered when parsing crafted RPC requests. A remote unauthenticated attacker can leverage this vulnerability by sending a crafted RPC message to the target host to potentially inject and execute arbitrary code. This protection will detect and block malformed RPC requests to the sadmind program.

Protections are now available for this vulnerability. See CPAI-2009-093.

Microsoft Active Directory Memory Leak Denial of Service Vulnerability (MS09-018)

Industry Reference: CVE-2009-1139.

A denial of service vulnerability has been reported in Microsoft Active Directory. Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode (ADAM) is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service. A remote attacker can exploit this issue to create a denial of service condition on a vulnerable system. This protection will detect and block malformed LDAP requests sent to the vulnerable server.

Protections are now available for this vulnerability. See CPAI-2009-156.

Recent Malware Threats (5-Jul-09)

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of hostile, intrusive, or annoying programs, such as viruses, worms, adware, Trojans, and spyware, that exploit unprotected clients, using network access to intrude upon organizations and destroy or steal data. IPS will detect and block the malware based on predefined signatures. The update includes 4 new protections against recent malware threats: Trickler: Trojan.Swizzor-D, Trickler: Trojan-PSW.Win32.QQPass.gam, Rogue-Software: Total Protect 2009, Rogue-Software: Pro Antispyware 2009, Keylogger: W32.Smalltroj.MHYR, Trickler: Trojan.Crypt.CY, Rogue-Software: Win PC Defender, Hijacker: Cinmus Variant, Rogue-Software: MS, Antispyware 2009, Rogue-Software: XP Police Antivirus, Adware: Win32.Frosty.

New protections are available for these malware threats. See CPAI-2009-117.

Check Point's IPS update services protect customers using IPS-1 and IPS-1 NGX R65 from the following vulnerabilities:



IBM AIX ToolTalk RPC Server Remote Buffer Overflow Vulnerability

A buffer overflow vulnerability has been discovered in IBM AIX ToolTalk RPC Server. ToolTalk is an inter-application communications system developed by Sun Microsystems in order to allow applications to communicate with each other at runtime. The ToolTalk service is designed to facilitate the development of inter-operating applications that serve individuals and work groups. A remote attacker may exploit this issue to compromise an affected system. This protection will detect and block attempts to exploit this vulnerability.

Protections are now available for this vulnerability. See CPAI-2009-115.

CA ARCserve Backup Message Engine Denial of Service Vulnerability

Industry Reference: CVE-2009-1761.

A denial of service vulnerability exists in CA ARCserve Backup Message Engine. The vulnerability is due to insufficient data validation. A remote unauthenticated attacker may exploit this vulnerability by sending a crafted message to the target server, potentially leading to a denial of service condition in the Message Engine. This protection will detect and block specific RPC requests to the ARCserve Message Engine with invalid parameters.

New protections are available for this vulnerability. See CPAI-2009-099.

July 5, 2009

©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065