SDS Banner

SmartDefense Services Bulletin
February 2008

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2008-015
  Date:
  Severity:
  Description: Update Protection against Cisco Unified Communications Manager CTL Provider Heap Overflow Vulnerability
  Sources: Secunia Advisory: SA28530
  Vulnerable Systems: Cisco Systems Unified CallManager 4.0
Cisco Systems Unified CallManager 4.1 Versions prior to 4.1(3)SR5c
Cisco Systems Unified Communications Manager 4.2 Versions prior to 4.2(3)SR3
Cisco Systems Unified Communications Manager 4.3 Versions prior to 4.3(1)SR1
     
CPAI-2008-012
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel File Handling Code Execution Vulnerability (MS 947563)
  Sources: Microsoft Security Advisory (947563)
  Vulnerable Systems: Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003 prior to SP3
Microsoft Excel 2004 for Mac
Microsoft Excel Viewer 2003
Microsoft Office 2000
Microsoft Office 2003 prior to SP3
Microsoft Office XP
     
CPAI-2008-005
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows Kernel TCP/IP IGMPv3 Vulnerability (MS08-001)
  Sources: Microsoft Security Bulletin MS08-001
  Vulnerable Systems: Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003 SP1/SP2
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 SP1/SP2 for Itanium-based Systems
Microsoft Windows Vista
Microsoft Windows Vista x64 Edition
     
CPAI-2008-014
  Date:
  Severity:
  Description: Update Protection against OpenSSL SSL_get_shared_ciphers Function Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2007-3325
  Vulnerable Systems: OpenSSL Project OpenSSL 0.9.7m and prior
OpenSSL Project OpenSSL 0.9.8e and prior
     
CPAI-2008-010
  Date:
  Severity:
  Description: Update Protection against Macrovision InstallShield Update Service ActiveX Control Code Execution Vulnerability
  Sources: Secunia Advisory: SA27475
  Vulnerable Systems: Macrovision InstallShield 2008
Macrovision FLEXnet Connect 6.0 prior to 6.0.100.65101
Macrovision Update Service all versions from 2.x to 5.x to 5.1.100 47363
     
CPAI-2008-003
  Date:
  Severity:
  Description: Update Protections against Recent Malware Threats (09-Jan-08)
  Sources: http://www.emsisoft.it/it/malware/?Adware.Win32.Dreambar
http://www.411-spyware.com/phazebar
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-002
  Date:
  Severity:
  Description: Update Protection against AOL Radio AmpX ActiveX Control Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA27622
  Vulnerable Systems: AOL Radio 2.6.1.11
     
CPAI-2008-001
  Date:
  Severity:
  Description: Update Protection against HP Software Update Tool ActiveX Control File Overwrite Vulnerability
  Sources: Secunia Advisory: SA28177
  Vulnerable Systems: HP RulesEngine.dll ActiveX CTL 1.0
HP Software Update 3.0.8.4
HP Compaq Business Notebook PC NC6220
HP Compaq Business Notebook PC NC6230
HP Compaq Business Notebook PC NC8230
HP Compaq Business Notebook PC NX6120
HP Compaq Business Notebook PC NX6325
HP Compaq Business Notebook PC NX7300
HP Compaq Business Notebook PC NX8220
HP Compaq Mobile Workstation NW8440
HP Compaq Mobile Workstation NW9440
HP Compaq Notebook PC 2510p
HP Compaq Notebook PC 2710p
HP Compaq Notebook PC 6510b
HP Compaq Notebook PC 6715b
HP Notebook Pavilion _Other
HP RulesEngine.dll ActiveX CTL 1.0
HP Software Update 3.0.8.4
     
CPAI-2008-013
  Date:
  Severity:
  Description: Update Protection against Apache HTTP Server mod_cache Module Denial of Service Vulnerability
  Sources: Secunia Advisory: SA25830
  Vulnerable Systems: Apache Software Foundation HTTP Server 2.2.x
Apache Software Foundation HTTP Server 2.0.x
     
CPAI-2008-016
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.205.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-009
  Date:
  Severity:
  Description: Update Protection against VideoLAN VLC ActiveX Control Memory Corruption Vulnerability
  Sources: Secunia Advisory: SA27878
  Vulnerable Systems: VideoLAN VLC 0.86
VideoLAN VLC 0.86a
VideoLAN VLC 0.86b
VideoLAN VLC 0.86c
     
CPAI-2008-007
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.201.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-004
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows Kernel TCP/IP ICMP Vulnerability (MS08-001)
  Sources: Microsoft Security Bulletin MS08-001
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003 SP1/SP2
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 SP1/SP2 for Itanium-based Systems
     
CPAI-2008-006
  Date:
  Severity:
  Description: Preemptive Protection against Apache mod_imap and mod_imagemap Module Cross-Site Scripting Vulnerability
  Sources: Secunia Advisory: SA28046
  Vulnerable Systems: Apache Software Foundation HTTP Server 1.3.0 - 1.3.39
Apache Software Foundation HTTP Server 2.0.35 - 2.0.61
Apache Software Foundation HTTP Server 2.2.0 - 2.2.6
     
Defense Updates
CPAI-2008-015
  Date:
  Update Number: 692080127 (Connectra NGX R61/R62)
541080127 (VPN-1 NG R54/R55)
591080127 (VPN-1 NGX R60)
602080127 (VPN-1 NGX R61/R62/R65)
591080127 (VPN-1 VSX NGX)
592080127 (InterSpect NGX)
  Description: Cisco Unified Communications Manager CTL Provider Heap Overflow Protection
     
CPAI-2008-014
  Date:
  Update Number: 692080127 (Connectra NGX R61/R62)
541080127 (VPN-1 NG R54/R55)
591080127 (VPN-1 NGX R60)
602080127 (VPN-1 NGX R61/R62/R65)
591080127 (VPN-1 VSX NGX)
592080127 (InterSpect NGX)
  Description: OpenSSL SSL_get_shared_ciphers Function Buffer Overflow Protection
     
CPAI-2008-013
  Date:
  Update Number: 692080127 (Connectra NGX R61/R62)
541080127 (VPN-1 NG R54/R55)
591080127 (VPN-1 NGX R60)
602080127 (VPN-1 NGX R61/R62/R65)
591080127 (VPN-1 VSX NGX)
592080127 (InterSpect NGX)
  Description: Apache HTTP Server mod_cache Module DoS Protection
     
CPAI-2008-016
  Date:
  Update Number: 692080121 (Connectra NGX R61/R62)
691080121 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.205.0
     
CPAI-2008-012
  Date:
  Update Number: 591080117 (VPN-1 NGX R60)
602080117 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Excel File Handling Code Execution Protection
     
CPAI-2008-010
  Date:
  Update Number: 541080115 (VPN-1 NG R54/R55)
591080115 (VPN-1 NGX R60)
602080115 (VPN-1 NGX R61/R62/R65)
591080115 (VPN-1 VSX NGX)
592080115 (InterSpect NGX)
  Description: Macrovision InstallShield Update Service ActiveX Control Protection
     
CPAI-2008-009
  Date:
  Update Number: 541080115 (VPN-1 NG R54/R55)
591080115 (VPN-1 NGX R60)
602080115 (VPN-1 NGX R61/R62/R65)
591080115 (VPN-1 VSX NGX)
592080115 (InterSpect NGX)
  Description: VideoLAN VLC ActiveX Control Memory Corruption Protection
     
CPAI-2008-007
  Date:
  Update Number: 692080110 (Connectra NGX R61/R62)
  Description: Integrity Clientless Security (ICS) Update 3.7.201.0
     
CPAI-2008-007
  Date:
  Update Number: 691080109 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.201.0
     
CPAI-2008-005
  Date:
  Update Number: 541080108 (VPN-1 NG R54/R55)
591080108 (VPN-1 NGX R60)
602080108 (VPN-1 NGX R61/R62/R65)
591080108 (VPN-1 VSX NGX)
592080108 (InterSpect NGX)
  Description: MS Windows Long IGMP Queries Protection (MS08-001)
     
CPAI-2008-004
  Date:
  Update Number: 541080108 (VPN-1 NG R54/R55)
591080108 (VPN-1 NGX R60)
602080108 (VPN-1 NGX R61/R62/R65)
591080108 (VPN-1 VSX NGX)
592080108 (InterSpect NGX)
  Description: MS Windows Fragmented ICMP Router Advertisement Protection (MS08-001)
     
CPAI-2008-003
  Date:
  Update Number: 541080108 (VPN-1 NG R54/R55)
591080108 (VPN-1 NGX R60)
602080108 (VPN-1 NGX R61/R62/R65)
591080108 (VPN-1 VSX NGX)
592080108 (InterSpect NGX)
  Description: Protections against Recent Malware Threats (09-Jan-08)
     
CPAI-2008-002
  Date:
  Update Number: 541080108 (VPN-1 NG R54/R55)
591080108 (VPN-1 NGX R60)
602080108 (VPN-1 NGX R61/R62/R65)
591080108 (VPN-1 VSX NGX)
592080108 (InterSpect NGX)
  Description: AOL Radio AmpX ActiveX Buffer Overflow Protection
     
CPAI-2008-001
  Date:
  Update Number: 541080108 (VPN-1 NG R54/R55)
591080108 (VPN-1 NGX R60)
602080108 (VPN-1 NGX R61/R62/R65)
591080108 (VPN-1 VSX NGX)
592080108 (InterSpect NGX)
  Description: HP Update Tool ActiveX File Overwrite Protection
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065