SDS Banner

SmartDefense Services Bulletin
October 2006

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 Express CI
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
What's New

NEW Release:  NGX R62
Centrally manage multiple SmartDefense Profiles

The new NGX R62 release supports VPN-1 gateways and SMART management solutions, including VPN-1 Power, VPN-1 UTM, SmartCenter and Provider-1. The most significant enhancement in this release is the enablement of SmartDefense Profiles.

SmartDefense Profiles expand the flexibility and granularity of security defenses, while allowing central control and management of the security infrastructure. By defining multiple SmartDefense Profiles and associating them with Check Point gateways, each gateway can have different defense settings and SmartDefense attributes. SmartDefense Profiles are now supported on VPN-1 Power and VPN-1 UTM gateways. All profiles on all gateways can be centrally managed through the SmartDashboard in SmartCenter or Provider-1.

To learn more about this release, please visit:  http://www.checkpoint.com/downloads/latest/ngx_r62.html

Advisories (Sorted by Severity, then Date)
CPAI-2006-105
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer UTF-8 Decoding Vulnerability (MS06-021)
  Sources: Microsoft Security Bulletin MS06-021
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 SP1 on Microsoft Windows Millennium Edition
     
CPAI-2006-106
  Date:
  Severity:
  Description: Update Protection against Apache LDAP HTTP Server Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2006-3017
  Vulnerable Systems: Apache versions 1.3.28 through 1.3.36
Apache versions 2.0.46 through 2.0.58
Apache versions 2.2.0 through 2.2.2
     
CPAI-2006-104
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer Help Control (HHCtrl) Vulnerability
  Sources: FRSIRT/ADV-2006-2952
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 SP1 on Microsoft Windows Millennium Edition
     
CPAI-2006-103
  Date:
  Severity:
  Description: Update Protection against GraceNote (CDDB) Control ActiveX Vulnerability
  Sources: FrSIRT/ADV-2006-2562
  Vulnerable Systems: CDDBControl ActiveX Control
Sony CONNECT Player
Sony SonicStage version 3.3
Sony SonicStage version 3.4
Sony SonicStage Mastering Studio version 2.1
Sony SonicStage Mastering Studio version 2.2
     
CPAI-2006-101
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows DHCP Remote Code Execution Vulnerability (MS06-036)
  Sources: Microsoft Security Bulletin MS06-036
FrSIRT/ADV-2006-2754
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2006-098
  Date:
  Severity:
  Description: Update Protection aganist Malformed IMAP Commands Vulnerabilities (LIST, LOGIN, SELECT)
  Sources: SecurityTracker Alert ID: 1015748
Secunia Advisory: SA19267
iDEFENSE Advisory: 12.20.05
 
  Vulnerable Systems: Kerio MailServer prior to version 6.1.3 patch 1
Mercur Messaging 2005
Eudora Qualcomm WorldMail version 3.0 and prior

     
CPAI-2006-109
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.101.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-107
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.100.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-102
  Date:
  Severity:
  Description: Update Protection against MiniBB Remote File Vulnerabilities
  Sources: SecurityTracker Alert ID: 1016507
  Vulnerable Systems: MiniBB MiniBB 1.5 a
     
CPAI-2006-100
  Date:
  Severity:
  Description: Preemptive Protection against WFTPD 3.23 Remote Buffer Overflow Vulnerability
  Sources: SecurityTracker
  Vulnerable Systems: WFTPD Server 3.23
     
CPAI-2006-099
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.98.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-110
  Date:
  Severity:
  Description: Update Protection against Indexing Service Cross-Site Scripting Vulnerability (MS06-053)
  Sources: Microsoft Security Bulletin MS06-053
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2006-108
  Date:
  Severity:
  Description: Preemptive Protection Against Zero-Day Vulnerability in Microsoft Word 2000 (925059)
  Sources: Microsoft Security Advisory (925059)
  Vulnerable Systems: Microsoft Word 2000
     
Defense Updates
CPAI-2006-110
  Date:
  Update Number: 541060914 (VPN-1 NG R54/R55)
550060914 (VPN-1 NG R55W)
591060914 (VPN-1 NGX R60)
602060914 (VPN-1 NGX R61/R62)
591060914 (VPN-1 VSX NGX)
547060914 (InterSpect 1.x and 2.0)
592060914 (InterSpect NGX)
692060914 (Connectra NGX R61)
  Description: Microsoft Windows Indexing Service XSS Protection (MS06-053)
     
CPAI-2006-109
  Date:
  Update Number: 692060911 (Connectra NGX R61)
691060911 (Connectra NGX)
690060911 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.101.0
     
CPAI-2006-107
  Date:
  Update Number: 692060904 (Connectra NGX R61)
691060904 (Connectra NGX)
690060904 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.100.0
     
CPAI-2006-106
  Date:
  Update Number: 541060912 (VPN-1 NG R54/R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
692060912 (Connectra NGX R61)
  Description: Apache LDAP HTTP Server Protection
     
CPAI-2006-105
  Date:
  Update Number: 541060912 (VPN-1 NG R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: Microsoft Internet Explorer UTF-8 Decoding Protection (MS06-021)
     
CPAI-2006-104
  Date:
  Update Number: 541060912 (VPN-1 NG R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: Microsoft Internet Explorer (Internet.HHCtrl) Protection
     
CPAI-2006-103
  Date:
  Update Number: 541060912 (VPN-1 NG R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: GraceNote (CDDB) Control ActiveX Protection
     
CPAI-2006-102
  Date:
  Update Number: 541060912 (VPN-1 NG R54/R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
692060912 (Connectra NGX R61)
  Description: MiniBB Remote File Protection
     
CPAI-2006-101
  Date:
  Update Number: 541060912 (VPN-1 NG R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: Microsoft Windows DHCP Protection (MS06-036)
     
CPAI-2006-99
  Date:
  Update Number: 692060823 (Connectra NGX R61)
691060823 (Connectra NGX)
690060823 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.98.0
     
CPAI-2006-098
  Date:
  Update Number: 541060912 (VPN-1 NG R54/R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: Malformed IMAP Commands Protection
     
SBP-2006-07
  Date:
  Update Number: 592060912 (InterSpect NGX)
  Description: Remote Desktop Protocol (RDP) Protections
     
SBP-2006-06
  Date:
  Update Number: 541060912 (VPN-1 NG R55)
550060912 (VPN-1 NG R55W)
591060912 (VPN-1 NGX R60)
602060912 (VPN-1 NGX R61/R62)
591060912 (VPN-1 VSX NGX)
547060912 (InterSpect 1.x and 2.0)
592060912 (InterSpect NGX)
  Description: Block Microsoft Office Protections
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065