SDS Banner

SmartDefense Services Bulletin
June 2006

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.
 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Defense Updates
About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 Express CI
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
What's New

New! Single SmartDefense Services Console. The NGX R61 platform introduced a new single SmartDefense Services management console. The new GUI console resides in SmartCenter, and provides a single view of update status for multiple enforcement points using SmartDefense Services. With a single management console, SmartDefense updates can be easily and consistently applied to all your enforcement points.

New! Variable Pricing. You told us that we should introduce variable SmartDefense Services pricing based on size of gateway being protected. We listened. To learn more, please contact your Check Point provider or refer to the price list on our website.
Advisories (Sorted by Severity, then Date)
CPAI-2006-043
  Date:
  Severity:
  Description: Update Protection Against Microsoft Data Access Components (MDAC) Function Vulnerability (MS06-014)
  Sources: Microsoft Security Bulletin MS06-014
  Vulnerable Systems:
  • Microsoft Windows XP SP1 running MDAC 2.7 SP1
  • Microsoft Windows XP SP2 running MDAC 2.8 SP1
  • Microsoft Windows XP Professional x64 Edition running MDAC SP2
  • Microsoft Windows Server 2003 running MDAC 2.8
  • Microsoft Windows Server 2003 SP1 running MDAC 2.8 SP2
     
CPAI-2006-042
  Date:
  Severity:
  Description: Update Protection against Microsoft Exchange Vulnerability (MS06-019)
  Sources: Microsoft Security Bulletin MS06-019
  Vulnerable Systems: Microsoft Exchange Server 2000 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004(870540)
Microsoft Exchange Server 2003 Service pack 1 and Service Pack 2
     
CPAi-2006-051
  Date:
  Severity:
  Description: Update Protection against MS-Word Zero-Day Attack (919637)
  Sources: Microsoft Security Advisory (919637)
  Vulnerable Systems: Windows 2000
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows XP
Microsoft Word
     
CPAI-2006-046
  Date:
  Severity:
  Description: Update Protection against Multiple IMAP Vulnerabilities (FETCH, EXAMINE, APPEND)
  Sources: FrSIRT/ADV-2005-3005
OSVDB ID: 23796
  Vulnerable Systems: Eudora Qualcomm WorldMail version 3.0 and earlier versions
Ipswitch Collaboration Suite 2006.02 and earlier versions
     
CPAI-2006-045
  Date:
  Severity:
  Description: Update Protection against Winny Remote Buffer Overflow Vulnerability
  Sources: eEye
  Vulnerable Systems: Winny version 2.0 b7.1 and before
Windows NT 4.0
Windows 98 / ME
Windows 2000
Windows XP
Windows 2003
     
CPAI-2006-044
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer mhtml Redirection Vulnerability
  Sources: SecurityTracker Alert ID: 1016005
  Vulnerable Systems: Microsoft Internet Explorer 6.0
     
CPAI-2006-055
  Date:
  Severity:
  Description: Preemptive Protection against Novell eDirectory Buffer Overflow Vulnerability
  Sources: ZDI-06-016
  Vulnerable Systems: Novell iMonitor 2.4
Novell eDirectory 8.8
     
CPAI-2006-054
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.84.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-053
  Date:
  Severity:
  Description: Update Protection against AWStats "migrate" Shell Command Injection
  Sources: SANS
  Vulnerable Systems: AWStats version 6.5 and prior versions
     
CPAI-2006-052
  Date:
  Severity:
  Description: Preemptive Protection against Cyrus IMAP Server USER Command Code Execution
  Sources: FrSIRT/ADV-2006-1891
  Vulnerable Systems: Cyrus IMAP Server versions 2.3.0 through 2.3.3
     
CPAI-2006-050
  Date:
  Severity:
  Description: Preemptive Protection against HP-UX BIND4 DNS Cache Poisoning
  Sources: HP Support Document ID: c00668546
  Vulnerable Systems: Hewlett-Packard HP-UX B.11.00
     
CPAI-2006-049
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.71.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-047
  Date:
  Severity:
  Description: Preemptive Protection against Nagios "Content-Length" Header Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2006-1662
  Vulnerable Systems: Nagios versions prior to 2.3
Nagios versions prior to 1.4
     
CPAI-2006-041
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Distributed Transaction Coordinator Vulnerability (MS06-018)
  Sources: Microsoft Security Bulletin MS06-018
  Vulnerable Systems: Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Service Pack 2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
     
CPAI-2006-048
  Date:
  Severity:
  Description: Preemptive Protection against GlobalSCAPE Secure FTP Server Remote Denial of Service
  Sources: OSVDB ID: 24451
  Vulnerable Systems: GlobalSCAPE Secure FTP Server prior to 3.1.4
     
Defense Updates
CPAI-2006-054
  Date:
  Update Number: 692060528 (Connectra NGX R61)
691060528 (Connectra NGX)
690060528 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.84.0
     
CPAI-2006-051
  Date:
  Update Number: 541060524 (VPN-1 NG R54/R55)
550060524 (VPN-1 NG R55W)
591060524 (VPN-1 NGX R60)
602060524 (VPN-1 NGX R61)
591060524 (VPN-1 VSX NGX)
547060524 (InterSpect 1.x and 2.0)
592060524 (InterSpect NGX)
  Description: MS Word Trojan Connection Attempt Protection
     
CPAI-2006-049
  Date:
  Update Number: 692060427 (Connectra NGX R61)
691060427 (Connectra NGX)
690060427 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.71.0
     
CPAI-2006-046
  Date:
  Update Number: 541060521 (VPN-1 NG R54/R55)
550060521 (VPN-1 NG R55W)
591060521 (VPN-1 NGX R60)
602060521 (VPN-1 NGX R61)
591060521 (VPN-1 VSX NGX)
547060521 (InterSpect 1.x and 2.0)
592060521 (InterSpect NGX)
692060521 (Connectra NGX R61)
  Description: IMAP Multiple Vulnerabilities Protection
     
CPSA-2006-04
  Date:
  Update Number: 592060521 (InterSpect NGX)
  Description: MySQL Protections
     
CPAI-2006-045
  Date:
  Update Number: 550060521 (VPN-1 NG R55W)
591060521 (VPN-1 NGX R60)
602060521 (VPN-1 NGX R61)
547060521 (InterSpect 1.x and 2.0)
592060521 (InterSpect NGX)
  Description: Winny P2P Buffer Overflow Protection
     
CPAI-2006-044
  Date:
  Update Number: 541060521 (VPN-1 NG R54/R55)
550060521 (VPN-1 NG R55W)
591060521 (VPN-1 NGX R60)
602060521 (VPN-1 NGX R61)
591060521 (VPN-1 VSX NGX)
547060521 (InterSpect 1.x and 2.0)
592060521 (InterSpect NGX)
  Description: Internet Explorer mhtml Redirection Protection
     
CPAI-2006-043
  Date:
  Update Number: 541060521 (VPN-1 NG R54/R55)
550060521 (VPN-1 NG R55W)
591060521 (VPN-1 NGX R60)
602060521 (VPN-1 NGX R61)
591060521 (VPN-1 VSX NGX)
547060521 (InterSpect 1.x and 2.0)
592060521 (InterSpect NGX)
  Description: Microsoft MDAC Protection (MS06-014)
     
CPAI-2006-035
  Date:
  Update Number: 541060521 (VPN-1 NG R54/R55)
550060521 (VPN-1 NG R55W)
591060521 (VPN-1 NGX R60)
602060521 (VPN-1 NGX R61)
591060521 (VPN-1 VSX NGX)
547060521 (InterSpect 1.x and 2.0)
592060521 (InterSpect NGX)
  Description: Microsoft FrontPage XSS Enhanced Protection (MS06-017)
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065