SDS Banner

SmartDefense Services Bulletin
December 2006

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.
 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates
About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2006-144
  Date:
  Severity:
  Description: Update Protection against AOL Nullsoft Winamp Ultravox Heap Overflow Vulnerability
  Sources: Secunia Advisory: SA22580
  Vulnerable Systems: AOL Winamp versions 2.666 through 5.3
     
CPAI-2006-137
  Date:
  Severity:
  Description: Update Protection against Novell eDirectory 'evtFilteredMonitorEventsRequest' Vulnerability
  Sources: FrSIRT/ADV-2006-4142
  Vulnerable Systems: Novell eDirectory version 8.8.1 and prior
     
CPAI-2006-134
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft XML Remote Code Execution Vulnerability (MS06-071)
  Sources: Microsoft Security Bulletin MS06-071
  Vulnerable Systems: Microsoft XML Core Services 4.0 for Windows 2000 SP4
Microsoft XML Core Services 4.0 for Microsoft Windows XP SP2
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003 SP1
     
CPAI-2006-128
  Date:
  Severity:
  Description: Update Protection against Vector Markup Language (VML) Vulnerability (MS06-055)
  Sources: Microsoft Security Advisory (925568)
Microsoft Security Bulletin MS06-055
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 SP1 on Microsoft Windows Millennium Edition
     
CPAI-2006-127
  Date:
  Severity:
  Description: Update Protection against setSlice Integer Overflow Vulnerability (MS06-057)
  Sources: Microsoft Security Bulletin MS06-057
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP1
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for (Itanium)
Microsoft Windows Server 2003 with SP1 for (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2006-142
  Date:
  Severity:
  Description: Update Protection against Microsoft Agent Remote Code Execution Vulnerability (MS06-068)
  Sources: Microsoft Security Bulletin MS06-068
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2006-141
  Date:
  Severity:
  Description: Update Protection against Visual Studio WMI Code Execution Vulnerability (MS06-073)
  Sources: Microsoft Security Bulletin MS06-073
  Vulnerable Systems: Microsoft Visual Studio 2005
     
CPAI-2006-140
  Date:
  Severity:
  Description: Update Protection against Microsoft XML Remote Code Execution Vulnerability (MS06-071)
  Sources: Microsoft Security Bulletin MS06-071
  Vulnerable Systems: Microsoft XML Core Services 4.0 for Windows 2000 SP4
Microsoft XML Core Services 4.0 for Microsoft Windows XP SP2
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003 SP1
     
CPAI-2006-139
  Date:
  Severity:
  Description: Update Protection against Workstation Service Buffer Overflow Vulnerability (MS06-070)
  Sources: Microsoft Security Bulletin MS06-070
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
     
CPAI-2006-138
  Date:
  Severity:
  Description: Update Protection against NetWare Client Service Remote Code Execution Vulnerability (MS06-066)
  Sources: Microsoft Security Bulletin MS06-066
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
     
CPAI-2006-132
  Date:
  Severity:
  Description: Preemptive Protection against McAfee HTTP Server Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2006-3861
  Vulnerable Systems: McAfee ePolicy Orchestrator version 3.5.0 Patch 5 and prior
McAfee ProtectionPilot version 1.1.1 Patch 2 and prior
     
CPAI-2006-131
  Date:
  Severity:
  Description: Update Protection against W-Agora 'inc_dir' Parameter Remote File Inclusion Vulnerabilities
  Sources: Secunia Advisory: SA20779
FrSIRT/ADV-2006-2507
  Vulnerable Systems: W-Agora version 4.2.0 and prior
     
CPAI-2006-130
  Date:
  Severity:
  Description: Update Protection against Multiple MySQL Query Commands Vulnerabilities
  Sources: FrSIRT/ADV-2006-3079
FrSIRT/ADV-2006-3077
  Vulnerable Systems: MySQL versions 3.x, 4.x and 5.x
IBM Informix Dynamic Server versions 7.3, 9.4 and 10.0
     
CPAI-2006-129
  Date:
  Severity:
  Description: Update Protection against Microsoft Server Service Vulnerabilities (MS06-063)
  Sources: Microsoft Security Bulletin MS06-063
  Vulnerable Systems: Microsoft Windows 2000 SP4 
Microsoft Windows XP SP1 and SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
     
CPAI-2006-126
  Date:
  Severity:
  Description: Update Protection against phpFullAnnu 'repmod' parameter File Inclusion Vulnerability
  Sources: FrSIRT/ADV-2006-3493
  Vulnerable Systems: phpFullAnnu version 5.1 and prior
     
CPAI-2006-125
  Date:
  Severity:
  Description: Update Protection against C-News 'path' Parameter File Inclusion Vulnerability
  Sources: FrSIRT/ADV-2006-3471
  Vulnerable Systems: C-News version 1.0.1 and prior
     
CPAI-2006-145
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.116.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-143
  Date:
  Severity:
  Description: Block MSN Messenger Live 8
  Sources: SmartDefense Research Center
  Vulnerable Systems: MSN Messenger Live 8
     
CPAI-2006-136
  Date:
  Severity:
  Description: Preemptive Protection against OpenLDAP BIND Denial of Service Vulnerability
  Sources: Secunia Advisory: SA22750
  Vulnerable Systems: OpenLDAP version 2.2.29 and prior
     
CPAI-2006-135
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.111.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-133
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Windows 'ipnathlp.dll' Denial of Service Vulnerability
  Sources: Secunia Advisory: SA22592
  Vulnerable Systems: Microsoft Windows XP
     
CPAI-2006-124
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.108.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2006-123
  Date:
  Severity:
  Description: Update Protection against OpenSSL RSA Key Signature Forgery Vulnerability
  Sources: FrSIRT/ADV-2006-3453
  Vulnerable Systems: OpenSSL version 0.9.7j and prior
OpenSSL version 0.9.8b and prior
     
Defense Updates
CPAI-2006-145
  Date:
  Update Number: 692061129 (Connectra NGX R61/R62)
691061129(Connectra NGX)
690061129 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.116.0
     
CPAI-2006-144
  Date:
  Update Number: 541061129 (VPN-1 NG R54/R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: AOL Nullsoft Winamp Ultravox Protection
     
CPAI-2006-143
  Date:
  Update Number: 541061129 (VPN-1 NG R54/R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
692061129 (Connectra NGX R61/R62)
  Description: MSN Messenger Live 8 Protection
     
CPAI-2006-142
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: Microsoft Agent Protection (MS06-068)
     
CPAI-2006-141
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: Visual Studio WMI Protection
     
CPAI-2006-140
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: Microsoft XML Protection (MS06-071)
     
CPAI-2006-139
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: Workstation Service Buffer Overflow Protection (MS06-070)
     
CPAI-2006-138
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: NetWare Client Service Protection (MS06-066)
     
CPAI-2006-137
  Date:
  Update Number: 541061129 (VPN-1 NG R55)
550061129 (VPN-1 NG R55W)
591061129 (VPN-1 NGX R60)
602061129 (VPN-1 NGX R61/R62)
591061129 (VPN-1 VSX NGX)
547061129 (InterSpect 1.x and 2.0)
592061129 (InterSpect NGX)
  Description: Novell eDirectory Protection
     
CPAI-2006-135
  Date:
  Update Number: 692061114 (Connectra NGX R61/R62)
691061114 (Connectra NGX)
690061114 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.111.0
     
CPAI-2006-131
  Date:
  Update Number: 541061112 (VPN-1 NG R54/R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
692061112 (Connectra NGX R61/R62)
  Description: W-Agora Remote File Inclusion Protection
     
CPAI-2006-130
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: Multiple MySQL Query Commands Protection
     
CPAI-2006-129
  Date:
  Update Number: 541061112 (VPN-1 NG R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: Microsoft Server Service Protections (MS06-063)
     
CPAI-2006-128
  Date:
  Update Number: 541061112 (VPN-1 NG R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: Vector Markup Language (VML) Protection (MS06-055)
     
CPAI-2006-127
  Date:
  Update Number: 541061112 (VPN-1 NG R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: setSlice Integer Overflow Protection (MS06-057)
     
CPAI-2006-126
  Date:
  Update Number: 541061112 (VPN-1 NG R54/R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
692061112 (Connectra NGX R61/R62)
  Description: phpFullAnnu File Inclusion Protection
     
CPAI-2006-125
  Date:
  Update Number: 541061112 (VPN-1 NG R54/R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
692061112 (Connectra NGX R61/R62)
  Description: C-News File Inclusion Protection
     
CPAI-2006-124
  Date:
  Update Number: 692061023 (Connectra NGX R61/R62)
691061023 (Connectra NGX)
690061023 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.108.0
     
CPAI-2006-123
  Date:
  Update Number: 541061112 (VPN-1 NG R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: OpenSSL RSA Key Signature Forgery Protection
     
CPAI-2006-119
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
692061112 (Connectra NGX R61/R62)
  Description: CBSMS Mambo Module Protection
     
CPAI-2006-118
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Microsoft Internet Explorer (daxctle.ocx) Protection
     
CPAI-2006-117
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
692061112 (Connectra NGX R61/R62)
  Description: Microsoft Windows MailSlot Protection (MS06-035)
     
CPAI-2006-116
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Microsoft Windows RASMAN Protection (MS06-025)
     
CPAI-2006-115
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Windows Explorer GUID Protection (MS06-045)
     
CPAI-2006-114
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Microsoft Management Console Protection (MS06-044)
     
CPAI-2006-113
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Microsoft Windows MHTML Protection (MS06-043)
     
CPAI-2006-112
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Microsoft Internet Explorer Memory Corruption Protections (MS06-042)
     
CPAI-2006-111
  Date:
  Update Number: 547061112 (InterSpect 1.x and 2.0)
  Description: Malformed DNS ATMA Protection (MS06-041)
     
SBP-2006-12
  Date:
  Update Number: 541061112 (VPN-1 NG R55)
550061112 (VPN-1 NG R55W)
591061112 (VPN-1 NGX R60)
602061112 (VPN-1 NGX R61/R62)
591061112 (VPN-1 VSX NGX)
547061112 (InterSpect 1.x and 2.0)
592061112 (InterSpect NGX)
  Description: Protection against Heap Spraying Techniques
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065