SDS Banner

SmartDefense Services Bulletin
October 2005

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Security Best Practices
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 Express CI
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2005-130
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Protection against RealPlayer AVI Parsing Buffer Overflow Vulnerability
  Sources:

eEye

  Vulnerable Systems: Real Networks Real Player versions 8, 10, 10.5
Real Networks Real Player Enterprise
Real Networks RealOne Player v1 and v2
Real Networks Rhapsody 3

     
CPAI-2005-127
  Date:
  Severity:
  Category: Peer to Peer applications
  Description: Direct Connect Peer to Peer Protocol Protection
  Sources: SmartDefense Research Center
  Vulnerable Systems: Computers running Direct Connect Peer to Peer clients
     
CPAI-2005-125
  Date:
  Severity:
  Category: Remote Code Execution
  Description: CA BrightStor ARCserve Backup Agent Protection
  Sources:

US-CERT VU#279774

  Vulnerable Systems: BrightStor ARCserve Backup (BAB) r11.1 Windows
BrightStor ARCserve Backup 11 for Windows
BrightStor ARCserve Backup 9.0 Windows
BrightStor ARCserve Backup r11.1 (64-bit) for Windows
BrightStor ARCserve Backup r11.1 Client Agent for Windows
BrightStor ARCserve Backup Release 11 (64-bit) for Windows
BrightStor ARCserve Backup v9.01 Client Agent for Windows
BrightStor ARCserve Backup v9.01 Client Agent for Windows Non-English
BrightStor ARCserve Backup v9.01 for Windows (64bit edition)
BrightStor ARCserve Backup v9.01 for Windows Non-English
BrightStor Enterprise Backup 10.0
BrightStor Enterprise Backup 10.5
BrightStor Enterprise Backup v10.5 for Windows (64bit edition)

     
CPAI-2005-124
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Microsoft Color Management Module Vulnerability Protection (MS05-036)
  Sources: Microsoft Security Bulletin MS05-036
Microsoft Security Bulletin MS05-038
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1 and SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2005-132
  Date:
  Severity:
  Category: Command Injection
  Description: Preemptive Protection against TWiki Command Injection Vulnerability
  Sources: TWiki.org 
  Vulnerable Systems:

TWiki TWikiRelease02Sep2004
TWiki TWikiRelease01Sep2004
TWiki TWikiRelease01Feb2003
TWiki TWikiRelease01Dec2001
TWiki TWikiRelease01Dec2000

     
CPAI-2005-131
  Date:
  Severity:
  Category: Remote Control Applications
  Description: GoToMyPC Protection
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows operating systems
     
CPAI-2005-129
  Date:
  Severity:
  Category: Cross Site Scripting
  Description: Preemptive Protection against Rational ClearQuest Cross Site Scripting Vulnerability
  Sources: SmartDefense Research Center

  Vulnerable Systems: Rational ClearQuest 2002
Rational ClearQuest 2003
     
CPAI-2005-128
  Date:
  Severity:
  Category: Directory Traversal
  Description: Preemptive Protection against 3COM Network Supervisor Directory Traversal Vulnerability
  Sources:

iDEFENSE Security Advisory 09.01.05

  Vulnerable Systems: 3Com Corporation Network Supervisor 5.1 and prior versions
3Com Corporation Network Director versions 1.0 and 2.0
     
CPAI-2005-126
  Date:
  Severity:
  Category: Denial of Service
  Description: Microsoft Remote Desktop Protocol (RDP) Vulnerability Protection (MS05-041)
  Sources: Microsoft Security Bulletin MS05-041
  Vulnerable Systems: Microsoft Windows 2000 Server SP4
Microsoft Windows XP SP1 and Microsoft Windows XP SP2 
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition

     
Security Best Practices (Sorted by Severity, then Date)
CPSA-2005-12
  Date:
  Severity:
  Category: Anti Virus protection
  Description: Check Point Express CI: Keeping Your Anti Virus Engine Up To Date
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
Defense Updates
CPAI-2005-131
  Date:
  Update Number: 550050926 (VPN-1 NGAI R55W)
591050926 (VPN-1 NGX R60)
547050926 (InterSpect)
  Description: GoToMyPC Protection
     
CPAI-2005-130
  Date:
  Update Number: 541050926 (VPN-1 NGAI R55)
550050926 (VPN-1 NGAI R55W)
591050926 (VPN-1 NGX R60)
547050926 (InterSpect)
  Description: Malformd AVI Protection
     
CPSA-2005-11
  Date:
  Update Number: 690050920 (Connectra 2.0), Sept 22
691050920 (Connectra NGX), Sept 22
690050915 (Connectra 2.0), Sept 18
691050915 (Connectra NGX), Sept 18
690050908 (Connectra 2.0), Sept 08
691050908 (Connectra NGX), Sept 08
  Description: Integrity Clientless Security (ICS) version 3.7.33.0
Integrity Clientless Security (ICS) version 3.7.32.0
Integrity Clientless Security (ICS) version 3.7.30.0
     
CPAI-2005-127
  Date:
  Update Number: 541050906 (VPN-1 NGAI R55)
550050906 (VPN-1 NGAI R55W)
591050906 (VPN-1 NGX R60)
547050906 (InterSpect)
  Description: Direct Connect Peer-to-Peer Protocol Protection
     
CPAI-2005-126
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
591050906 (VPN-1 NGX R60)
547050906 (InterSpect)
  Description: Microsoft Remote Desktop Protocol (RDP) Protection
     
CPAI-2005-125
  Date:
  Update Number: 591050906 (VPN-1 NGX R60)
  Description: CA BrightStor ARCserve Backup Agent Protection
     
CPAI-2005-124
  Date:
  Update Number: 541050906 (VPN-1 NGAI R55)
550050906 (VPN-1 NGAI R55W)
591050906 (VPN-1 NGX R60)
547050906 (InterSpect)
  Description: Microsoft Color Management Module Protection (MS05-036)
     
CPAI-2005-121
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: VERITAS Backup Server Static Password Protection
     
CPAI-2005-120
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: MS Plug-and-Play Protection
     
CPAI-2005-119
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: MS Telephony Service (TAPI) Protection
     
CPAI-2005-118
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: MS Print Spooler Service Protection (MS05-043)
     
CPAI-2005-117
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: MS COM Objects Protection (MS05-037; MS05-038)
     
CPAI-2005-99
  Date:
  Update Number: 550050906 (VPN-1 NGAI R55W)
  Description: Enhanced MS PNG Protection (MS05-025)
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065