 |
 Recent Malware Threats (1-Sep-09)
Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. IPS will detect and block the malware based on predefined signatures. The update includes 9 new protections against recent malware threats.
Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-177.
Security Best Practice: Protect Yourself from JavaScript Obfuscation TechniquesAlthough various security products provide coverage against many web vulnerabilities, such as ActiveX exploits, these known exploits could potentially bypass security products by using JavaScript obfuscation techniques. IPS offers the following protections: JavaScript Percent-Encoding Obfuscation and JavaScript Unescape Synonym Obfuscation.
Security Gateway R70: A new protection is now available.
SBP-2009-17.
Oracle Secure Backup Administration Server Command Injection AttackIndustry Reference:CVE-2009-1977.
An authentication bypass vulnerability exists in Oracle Secure Backup server. Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup by sending a specially crafted user name variable.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
CPAI-2008-229.
Oracle Secure Backup Administration Server Authentication Bypass VulnerabilityIndustry Reference:CVE-2009-1977.
An authentication bypass vulnerability has been reported in Oracle Secure Backup server. Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage (NAS) devices and distributed hosts. A remote attacker may exploit this issue to bypass authentication on vulnerable installations of Oracle Secure Backup. This protection will detect and block malformed requests sent to the vulnerable server.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A protection was released in a previous update.
CPAI-2009-169.
|
September 1, 2009
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|