Update Protection against Trojan/Spy. Goldun.de Vulnerability
| Check Point Reference: | CPAI-2006-025 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Check Point Virus Information Center | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Windows 95 Windows 98 Windows 98 SE Windows NT Windows ME Windows 2000 Windows XP Windows 2003 | ||
| Vulnerability Description Goldun.de.1 is a trojan for the Windows platforms. The trojan drops malicious files, modifies system Registry, steals information and may also assume remote control over an affected machine. |
||
|
Vulnerability Details Goldun.de.1 also downloads and executes files from a remote server. The trojan Installs through exploits and can also be downloaded by other malwares. |
Protection Overview
The update blocks the vulnerability based on a unique HTTP header pattern.
To configure the defense, select your product from the list below and follow the related protection steps.
Additional Information
The update also includes the following protections:
- Enhancement to the Microsoft Windows Media Player Vulnerability (CPAI-2006-016)
- ezDatabase Remote File Inclusion Protection (CPAI-2006-026)
- TFTPD32 Request Error Message Format String Protection (CPAI-2006-027) - InterSpect NGX only
- Cisco IOS CDP Status Page Code Injection Protection (CPAI-2006-028)
- SHOUTcast Filename Request Format String Protection (CPAI-2006-029)
- Oracle Report File Overwrite/Oracle Report Directory Traversal Protection (CPAI-2006-030)
- Google Talk via Gmail Web Interface Protection (CPSA-2006-02)
- IBM Tivoli Access Manager Directory Traversal Protection (CPAI-2006-031)
- Protection Against NFS Vulnerabilities (CPAI-2006-032)
- Protection against PmWiki multiple vulnerabilities.