SmartDefense Security Advisory

Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow Vulnerability

Industry Reference: CVE-2009-1979.

A buffer overflow vulnerability exists in the Oracle Database server, an enterprise-level relational database application suite. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. This protection will detect and block Oracle traffic with an overly long AUTH_SESSKEY parameter.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-274.

Microsoft Windows SMB Negotiate Request Remote Code Execution Vulnerability (MS09-050)

Industry References: CVE-2009-3103, CVE-2009-2532.

A remote code execution vulnerability has been reported in the Microsoft Server Message Block (SMB) Protocol. The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote attacker may exploit this vulnerability to take complete control of an affected system. This protection will detect and block malformed SMB negotiation requests.

IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
InterSpect NGX: A new protection is now available.
CPAI-2009-194.

Microsoft Internet Information Services FTP Server Recursive Listing Denial of Service Vulnerability (MS09-053)

Industry Reference: CVE-2009-2521.

A stack consumption vulnerability has been discovered in Microsoft Internet Information Services (IIS) FTP server. IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes an FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker could use this issue to create a denial of service condition, thus crashing the vulnerable service. This protection will detect and block attempts to exploit this vulnerability via malicious FTP patterns.

IPS-1 & IPS-1 NGX R65: A protection was released in a previous update.
Security Gateway R70: A protection was released in a previous update.
VPN-1 NGX R65 & VSX NGX R65: A protection was released in a previous update.
InterSpect NGX: A new protection is now available.
CPAI-2009-183.

Microsoft .NET Framework Arbitrary Memory Modification Vulnerability (MS09-061)

Industry Reference: CVE-2009-2497.

A remote code execution vulnerability exists in the Microsoft .NET Framework. The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. An attacker could exploit this issue by constructing a specially crafted Web page that, when viewed by a user, could allow the attacker to execute arbitrary code remotely. This protection will detect and block attempts to exploit this vulnerability.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-266.

Microsoft Windows GDI .NET API Remote Code Execution Vulnerability (MS09-062)

Industry Reference: CVE-2009-2504.

A remote code execution vulnerability has been discovered in the Microsoft Windows GDI .NET API. The Microsoft Windows graphics device interface (GDI) enables applications to use graphics and formatted text on the video display and on the printer. A remote attacker may exploit this issue to take control of a vulnerable system. This protection will detect and block attempts to exploit this vulnerability.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-264.

Security Best Practice: Blocking Foxy

Foxy is a Traditional Chinese peer-to-peer file sharing application. It is widely used in Hong Kong, Mainland China and Taiwan. Unlike other peer-to-peer software, Foxy is very easy to use and has unlimited download capabilities. The use of Foxy may circumvent the organizational security policy. This protection will detect and block the Foxy peer-to-peer application. IPS is able to detect peer-to-peer traffic regardless of the TCP port that is being used to initiate the peer-to-peer session.

Security Gateway R70: A new protection is now available.
SBP-2009-20.

Recent Malware Threats (2-Nov-09)

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of hostile, intrusive, or annoying programs, such as viruses, worms, adware, Trojans, and spyware, that exploit unprotected clients, using network access to intrude upon organizations and destroy or steal data. IPS will detect and block the malware based on predefined signatures. The update includes 10 new protections against recent malware threats.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2009-272.

November 2, 2009

©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065