SDS Banner

SmartDefense Services Bulletin
September 2005

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Security Best Practices
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 Express CI
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
What's New

Hackers Don't Wait for Upgrades! To obtain the highest level of defense, organizations should not rely solely on the next upgrade of their core security product. Read more in the Security Cafe.

Advisories (Sorted by Severity, then Date)
CPAI-2005-120
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Microsoft Windows Plug and Play Vulnerability Protection (MS05-039) / Zotob worm
  Sources:

Microsoft Security Bulletin MS05-039

  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1 and SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2005-118
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Microsoft Print Spooler Service Vulnerability Protection (MS05-043)
  Sources:

Microsoft Security Bulletin MS05-043

  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1 and SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based systems
     
CPAI-2005-122
  Date:
  Severity:
  Category: Command Injection
  Description: Preemptive Protection against HP OpenView Network Node Manager Remote Command Execution Vulnerability
  Sources:  SecurityTracker Alert ID: 1014791
  Vulnerable Systems:

HP OpenView Network Node Manager 6.41
HP OpenView Network Node Manager 7.01
HP OpenView Network Node Manager 7.5

     
CPAI-2005-121
  Date:
  Severity:
  Category: Remote Code Execution
  Description: VERITAS Backup Exec Agent Static Password Protection
  Sources:

US-CERT VU#378957

  Vulnerable Systems: VERITAS Software NetBackup 4.5
VERITAS Software NetBackup 5.0
VERITAS Software NetBackup 5.1
VERITAS Software Backup Exec 8.6
VERITAS Software Backup Exec 9.0
VERITAS Software Backup Exec 9.1
VERITAS Software Backup Exec 10.0
VERITAS Software Backup Exec Remote Agent All Versions

     
CPAI-2005-117
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Protection against MS IE COM Object Memory Corruption Vulnerabilities (MS05-037; MS05-038)
  Sources:

Microsoft Security Bulletin MS05-037
Microsoft Security Bulletin MS05-038

  Vulnerable Systems: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Microsoft Internet Explorer 6 SP1
Microsoft Internet Explorer 6 SP2
     
CPAI-2005-116
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Preemptive Protection against Novell eDirectory Server iMonitor Vulnerability
  Sources:

Novell TID10098568

  Vulnerable Systems: Novell eDirectory 8.7.3 for Windows 2000, Windows NT and Windows 2003
     
CPAI-2005-112
  Date:
  Severity:
  Category: Microsot Windows networks
  Description: Protection against Microsoft Message Queuing Buffer Overflow Vulnerability (MS05-017)
  Sources: Microsoft Security Bulletin MS05-017
  Vulnerable Systems: Microsoft Corporation Windows 2000 SP3
Microsoft Corporation Windows 2000 SP4
Microsoft Corporation Windows XP SP1 and SP2
Microsoft Corporation Windows XP 64-Bit Edition SP1
Microsoft Corporation Windows 98
Microsoft Corporation Windows 98 SE

     
CPAI-2005-111
  Date:
  Severity:
  Category: Microsoft Windows Networks
  Description: Protection against Microsoft Windows Server Message Block (SMB) Buffer Overflow Vulnerability (MS05-027)
  Sources: Microsoft Security Bulletin MS05-027
  Vulnerable Systems: Microsoft Windows 2000 SP3 and SP4
Microsoft Windows XP SP1 and SP2
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 and 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2005-123
  Date:
  Severity:
  Category: Error Concealment
  Description: Preemptive Protection against Microsoft IIS Source Code Disclosure
  Sources:  Inge Henriksen
  Vulnerable Systems: Microsoft Internet Information Services (IIS) 5.1
     
CPAI-2005-119
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Microsoft Windows Telephony Service Vulnerability Protection (MS05-040)
  Sources:

Microsoft Security Bulletin MS05-040

  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1 and SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 and 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
 Microsoft Windows Server 2003 x64 Edition
     
CPAI-2005-115
  Date:
  Severity:
  Category: HTTP Methods
  Description: Preemptive Protection against Web-Folders Behaviors Cross-Domain Vulnerability (MS05-038)
  Sources:

Microsoft Security Bulletin MS05-038

  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2005-114
  Date:
  Severity:
  Category: Directory Traversal
  Description: Preemptive Protection against EMC Navisphere Manager Directory Traversal Vulnerability
  Sources:

iDEFENSE Security Advisory 08.05.05

  Vulnerable Systems: Navisphere Manager Base version 6.4.1.0.0

     
Security Best Practices (Sorted by Severity, then Date)
CPSA-2005-11
  Date:
  Severity:
  Category: Endpoint Security
  Description: Security Best Practice: Updating Integrity Clientless Security (ICS) for Connectra
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
Defense Updates
CPAI-2005-121
  Date:
  Update Number: 541050818 (VPN-1 NGAI R55)
550050818 (VPN-1 NGAI R55W)
547050818 (InterSpect)
  Description: Veritas Backup Server Static Password Protection
     
CPSA-2005-11
  Date:
  Update Number: 690050817 (Connectra 2.0)
691050817 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.26.0
     
CPAI-2005-120
  Date:
  Update Number: 591050816 (VPN-1 NGX R60)
541050818 (VPN-1 NGAI R55)
550050818 (VPN-1 NGAI R55W)
547050818 (InterSpect)
  Description: MS Plug and Play Protection (MS05-039)
     
CPAI-2005-119
  Date:
  Update Number: 591050816 (VPN-1 NGX R60)
541050818 (VPN-1 NGAI R54/R55)
550050818 (VPN-1 NGAI R55W)
  Description: MS Telephony Service (TAPI) Protection (MS05-040)
     
CPAI-2005-118
  Date:
  Update Number: 591050816 (VPN-1 NGX R60)
541050818 (VPN-1 NGAI R54/R55)
550050818 (VPN-1 NGAI R55W)
  Description: MS Print Spooler Service Protection (MS05-043)
     
CPAI-2005-117
  Date:
  Update Number: 591050816 (VPN-1 NGX R60)
541050818 (VPN-1 NGAI R55)
550050818 (VPN-1 NGAI R55W)
547050818 (InterSpect)
  Description: MS COM Objects Protection (MS05-037; MS05-038)
     
CPAI-2005-99
  Date:
  Update Number: 591050816 (VPN-1 NGX R60)
541050818 (VPN-1 NGAI R55)
550050818 (VPN-1 NGAI R55W)
547050818 (InterSpect)
  Description: Enhanced MS PNG Protection (MS05-025)
     
CPSA-2005-11
  Date:
  Update Number: 690050810 (Connectra 2.0)
691050810 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.25
     
CPAI-2005-112
  Date:
  Update Number: 591050801 (VPN-1 NGX R60)
541050801 (VPN-1 NGAI R55)
550050801 (VPN-1 NGAI R55W)
547050801 (InterSpect)
  Description: MS Message Queuing Protection
     
CPAI-2005-111
  Date:
  Update Number: 591050801 (VPN-1 NGX R60)
541050801 (VPN-1 NGAI R55)
550050801 (VPN-1 NGAI R55W)
547050801 (InterSpect)
  Description: MS SMB Server Protection
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065