October 2005 SmartDefense Services Bulletin

SmartDefense Services Bulletin

October 2005

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
Advisories
Security Best Practices
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 Express CI
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

Advisories (Sorted by Severity, then Date)


CPAI-2005-130
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Protection against RealPlayer AVI Parsing Buffer Overflow Vulnerability
	Sources:	eEye
	Vulnerable Systems:	Real Networks Real Player versions 8, 10, 10.5 Real Networks Real Player Enterprise Real Networks RealOne Player v1 and v2 Real Networks Rhapsody 3


CPAI-2005-127
	Date:
	Severity:
	Category:	Peer to Peer applications
	Description:	Direct Connect Peer to Peer Protocol Protection
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Computers running Direct Connect Peer to Peer clients


CPAI-2005-125
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	CA BrightStor ARCserve Backup Agent Protection
	Sources:	US-CERT VU#279774
	Vulnerable Systems:	BrightStor ARCserve Backup (BAB) r11.1 Windows BrightStor ARCserve Backup 11 for Windows BrightStor ARCserve Backup 9.0 Windows BrightStor ARCserve Backup r11.1 (64-bit) for Windows BrightStor ARCserve Backup r11.1 Client Agent for Windows BrightStor ARCserve Backup Release 11 (64-bit) for Windows BrightStor ARCserve Backup v9.01 Client Agent for Windows BrightStor ARCserve Backup v9.01 Client Agent for Windows Non-English BrightStor ARCserve Backup v9.01 for Windows (64bit edition) BrightStor ARCserve Backup v9.01 for Windows Non-English BrightStor Enterprise Backup 10.0 BrightStor Enterprise Backup 10.5 BrightStor Enterprise Backup v10.5 for Windows (64bit edition)


CPAI-2005-124
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Microsoft Color Management Module Vulnerability Protection (MS05-036)
	Sources:	Microsoft Security Bulletin MS05-036 Microsoft Security Bulletin MS05-038
	Vulnerable Systems:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP1 and SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 for Itanium-based Systems Microsoft Windows Server 2003 with SP1 for Itanium-based Systems Microsoft Windows Server 2003 x64 Edition


CPAI-2005-132
	Date:
	Severity:
	Category:	Command Injection
	Description:	Preemptive Protection against TWiki Command Injection Vulnerability
	Sources:	TWiki.org
	Vulnerable Systems:	TWiki TWikiRelease02Sep2004 TWiki TWikiRelease01Sep2004 TWiki TWikiRelease01Feb2003 TWiki TWikiRelease01Dec2001 TWiki TWikiRelease01Dec2000


CPAI-2005-131
	Date:
	Severity:
	Category:	Remote Control Applications
	Description:	GoToMyPC Protection
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows operating systems


CPAI-2005-129
	Date:
	Severity:
	Category:	Cross Site Scripting
	Description:	Preemptive Protection against Rational ClearQuest Cross Site Scripting Vulnerability
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Rational ClearQuest 2002 Rational ClearQuest 2003


CPAI-2005-128
	Date:
	Severity:
	Category:	Directory Traversal
	Description:	Preemptive Protection against 3COM Network Supervisor Directory Traversal Vulnerability
	Sources:	iDEFENSE Security Advisory 09.01.05
	Vulnerable Systems:	3Com Corporation Network Supervisor 5.1 and prior versions 3Com Corporation Network Director versions 1.0 and 2.0


CPAI-2005-126
	Date:
	Severity:
	Category:	Denial of Service
	Description:	Microsoft Remote Desktop Protocol (RDP) Vulnerability Protection (MS05-041)
	Sources:	Microsoft Security Bulletin MS05-041
	Vulnerable Systems:	Microsoft Windows 2000 Server SP4 Microsoft Windows XP SP1 and Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 for Itanium-based Systems Microsoft Windows Server 2003 with SP1 for Itanium-based Systems Microsoft Windows Server 2003 x64 Edition

Security Best Practices (Sorted by Severity, then Date)


CPSA-2005-12
	Date:
	Severity:
	Category:	Anti Virus protection
	Description:	Check Point Express CI: Keeping Your Anti Virus Engine Up To Date
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

Defense Updates


CPAI-2005-131
	Date:
	Update Number:	550050926 (VPN-1 NGAI R55W) 591050926 (VPN-1 NGX R60) 547050926 (InterSpect)
	Description:	GoToMyPC Protection


CPAI-2005-130
	Date:
	Update Number:	541050926 (VPN-1 NGAI R55) 550050926 (VPN-1 NGAI R55W) 591050926 (VPN-1 NGX R60) 547050926 (InterSpect)
	Description:	Malformd AVI Protection


CPSA-2005-11
	Date:
	Update Number:	690050920 (Connectra 2.0), Sept 22 691050920 (Connectra NGX), Sept 22 690050915 (Connectra 2.0), Sept 18 691050915 (Connectra NGX), Sept 18 690050908 (Connectra 2.0), Sept 08 691050908 (Connectra NGX), Sept 08
	Description:	Integrity Clientless Security (ICS) version 3.7.33.0 Integrity Clientless Security (ICS) version 3.7.32.0 Integrity Clientless Security (ICS) version 3.7.30.0


CPAI-2005-127
	Date:
	Update Number:	541050906 (VPN-1 NGAI R55) 550050906 (VPN-1 NGAI R55W) 591050906 (VPN-1 NGX R60) 547050906 (InterSpect)
	Description:	Direct Connect Peer-to-Peer Protocol Protection


CPAI-2005-126
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W) 591050906 (VPN-1 NGX R60) 547050906 (InterSpect)
	Description:	Microsoft Remote Desktop Protocol (RDP) Protection


CPAI-2005-125
	Date:
	Update Number:	591050906 (VPN-1 NGX R60)
	Description:	CA BrightStor ARCserve Backup Agent Protection


CPAI-2005-124
	Date:
	Update Number:	541050906 (VPN-1 NGAI R55) 550050906 (VPN-1 NGAI R55W) 591050906 (VPN-1 NGX R60) 547050906 (InterSpect)
	Description:	Microsoft Color Management Module Protection (MS05-036)


CPAI-2005-121
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	VERITAS Backup Server Static Password Protection


CPAI-2005-120
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	MS Plug-and-Play Protection


CPAI-2005-119
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	MS Telephony Service (TAPI) Protection


CPAI-2005-118
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	MS Print Spooler Service Protection (MS05-043)


CPAI-2005-117
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	MS COM Objects Protection (MS05-037; MS05-038)


CPAI-2005-99
	Date:
	Update Number:	550050906 (VPN-1 NGAI R55W)
	Description:	Enhanced MS PNG Protection (MS05-025)

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).