TITLE:
Check Point Firewall CIFS Service Group Rule Bypass

SECUNIA ADVISORY ID:
SA16770

VERIFY ADVISORY:
http://secunia.com/advisories/16770/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
From remote

SOFTWARE:
Check Point VPN-1/Firewall-1 NG
http://secunia.com/product/89/
Check Point VPN-1 Server 4.x
http://secunia.com/product/2965/
Check Point Provider-1
http://secunia.com/product/3262/
Check Point FireWall-1 GX 2.x
http://secunia.com/product/3263/
Check Point Firewall-1 4.x
http://secunia.com/product/88/
Check Point VPN-1/FireWall-1 NG with Application Intelligence (AI)
http://secunia.com/product/2542/
Check Point VPN-1/FireWall-1 VSX NG
http://secunia.com/product/3264/

DESCRIPTION:
fitz has reported a security issue in Check Point Firewall, which can
potentially be exploited by malicious people to bypass certain
security restrictions.

The security issue is caused by an error in the CIFS service group
implementation. This may cause all traffic from a network in the CIFS
service group to either pass through the firewall or be dropped at
the firewall, depending on the configured rule.

The security issue has been reported in the following products:
* VPN-1/FireWall-1
* VPN-1 VSX
* Provider-1

SOLUTION:
The vendor suggests renaming the CIFS service group. Refer to the
vendor's advisory for instructions.

PROVIDED AND/OR DISCOVERED BY:
fitz

ORIGINAL ADVISORY:
Check Point:
http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31196

OTHER REFERENCES:
US-CERT VU#508209:
http://www.kb.cert.org/vuls/id/508209

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

----------------------------------------------------------------------