February 2008 SmartDefense Services Bulletin

SmartDefense Services Bulletin

February 2008

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 UTM
Anti-spyware updates for Check Point Integrity Anti-Spyware
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

Advisories (Sorted by Severity, then Date)


CPAI-2008-015
	Date:
	Severity:
	Description:	Update Protection against Cisco Unified Communications Manager CTL Provider Heap Overflow Vulnerability
	Sources:	Secunia Advisory: SA28530
	Vulnerable Systems:	Cisco Systems Unified CallManager 4.0 Cisco Systems Unified CallManager 4.1 Versions prior to 4.1(3)SR5c Cisco Systems Unified Communications Manager 4.2 Versions prior to 4.2(3)SR3 Cisco Systems Unified Communications Manager 4.3 Versions prior to 4.3(1)SR1

CPAI-2008-012
	Date:
	Severity:
	Description:	Update Protection against Microsoft Excel File Handling Code Execution Vulnerability (MS 947563)
	Sources:	Microsoft Security Advisory (947563)
	Vulnerable Systems:	Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 prior to SP3 Microsoft Excel 2004 for Mac Microsoft Excel Viewer 2003 Microsoft Office 2000 Microsoft Office 2003 prior to SP3 Microsoft Office XP

CPAI-2008-005
	Date:
	Severity:
	Description:	Update Protection against Microsoft Windows Kernel TCP/IP IGMPv3 Vulnerability (MS08-001)
	Sources:	Microsoft Security Bulletin MS08-001
	Vulnerable Systems:	Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows Server 2003 SP1/SP2 Microsoft Windows Server 2003 x64 Edition Microsoft Windows Server 2003 SP1/SP2 for Itanium-based Systems Microsoft Windows Vista Microsoft Windows Vista x64 Edition

CPAI-2008-014
	Date:
	Severity:
	Description:	Update Protection against OpenSSL SSL_get_shared_ciphers Function Buffer Overflow Vulnerability
	Sources:	FrSIRT/ADV-2007-3325
	Vulnerable Systems:	OpenSSL Project OpenSSL 0.9.7m and prior OpenSSL Project OpenSSL 0.9.8e and prior

CPAI-2008-010
	Date:
	Severity:
	Description:	Update Protection against Macrovision InstallShield Update Service ActiveX Control Code Execution Vulnerability
	Sources:	Secunia Advisory: SA27475
	Vulnerable Systems:	Macrovision InstallShield 2008 Macrovision FLEXnet Connect 6.0 prior to 6.0.100.65101 Macrovision Update Service all versions from 2.x to 5.x to 5.1.100 47363

CPAI-2008-003
	Date:
	Severity:
	Description:	Update Protections against Recent Malware Threats (09-Jan-08)
	Sources:	http://www.emsisoft.it/it/malware/?Adware.Win32.Dreambar http://www.411-spyware.com/phazebar
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2008-002
	Date:
	Severity:
	Description:	Update Protection against AOL Radio AmpX ActiveX Control Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA27622
	Vulnerable Systems:	AOL Radio 2.6.1.11

CPAI-2008-001
	Date:
	Severity:
	Description:	Update Protection against HP Software Update Tool ActiveX Control File Overwrite Vulnerability
	Sources:	Secunia Advisory: SA28177
	Vulnerable Systems:	HP RulesEngine.dll ActiveX CTL 1.0 HP Software Update 3.0.8.4 HP Compaq Business Notebook PC NC6220 HP Compaq Business Notebook PC NC6230 HP Compaq Business Notebook PC NC8230 HP Compaq Business Notebook PC NX6120 HP Compaq Business Notebook PC NX6325 HP Compaq Business Notebook PC NX7300 HP Compaq Business Notebook PC NX8220 HP Compaq Mobile Workstation NW8440 HP Compaq Mobile Workstation NW9440 HP Compaq Notebook PC 2510p HP Compaq Notebook PC 2710p HP Compaq Notebook PC 6510b HP Compaq Notebook PC 6715b HP Notebook Pavilion _Other HP RulesEngine.dll ActiveX CTL 1.0 HP Software Update 3.0.8.4

CPAI-2008-013
	Date:
	Severity:
	Description:	Update Protection against Apache HTTP Server mod_cache Module Denial of Service Vulnerability
	Sources:	Secunia Advisory: SA25830
	Vulnerable Systems:	Apache Software Foundation HTTP Server 2.2.x Apache Software Foundation HTTP Server 2.0.x

CPAI-2008-016
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.205.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2008-009
	Date:
	Severity:
	Description:	Update Protection against VideoLAN VLC ActiveX Control Memory Corruption Vulnerability
	Sources:	Secunia Advisory: SA27878
	Vulnerable Systems:	VideoLAN VLC 0.86 VideoLAN VLC 0.86a VideoLAN VLC 0.86b VideoLAN VLC 0.86c

CPAI-2008-007
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.201.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2008-004
	Date:
	Severity:
	Description:	Update Protection against Microsoft Windows Kernel TCP/IP ICMP Vulnerability (MS08-001)
	Sources:	Microsoft Security Bulletin MS08-001
	Vulnerable Systems:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows Server 2003 SP1/SP2 Microsoft Windows Server 2003 x64 Edition Microsoft Windows Server 2003 SP1/SP2 for Itanium-based Systems

CPAI-2008-006
	Date:
	Severity:
	Description:	Preemptive Protection against Apache mod_imap and mod_imagemap Module Cross-Site Scripting Vulnerability
	Sources:	Secunia Advisory: SA28046
	Vulnerable Systems:	Apache Software Foundation HTTP Server 1.3.0 - 1.3.39 Apache Software Foundation HTTP Server 2.0.35 - 2.0.61 Apache Software Foundation HTTP Server 2.2.0 - 2.2.6

Defense Updates


CPAI-2008-015
	Date:
	Update Number:	692080127 (Connectra NGX R61/R62) 541080127 (VPN-1 NG R54/R55) 591080127 (VPN-1 NGX R60) 602080127 (VPN-1 NGX R61/R62/R65) 591080127 (VPN-1 VSX NGX) 592080127 (InterSpect NGX)
	Description:	Cisco Unified Communications Manager CTL Provider Heap Overflow Protection


CPAI-2008-014
	Date:
	Update Number:	692080127 (Connectra NGX R61/R62) 541080127 (VPN-1 NG R54/R55) 591080127 (VPN-1 NGX R60) 602080127 (VPN-1 NGX R61/R62/R65) 591080127 (VPN-1 VSX NGX) 592080127 (InterSpect NGX)
	Description:	OpenSSL SSL_get_shared_ciphers Function Buffer Overflow Protection


CPAI-2008-013
	Date:
	Update Number:	692080127 (Connectra NGX R61/R62) 541080127 (VPN-1 NG R54/R55) 591080127 (VPN-1 NGX R60) 602080127 (VPN-1 NGX R61/R62/R65) 591080127 (VPN-1 VSX NGX) 592080127 (InterSpect NGX)
	Description:	Apache HTTP Server mod_cache Module DoS Protection


CPAI-2008-016
	Date:
	Update Number:	692080121 (Connectra NGX R61/R62) 691080121 (Connectra NGX R60)
	Description:	Integrity Clientless Security (ICS) Update 3.7.205.0


CPAI-2008-012
	Date:
	Update Number:	591080117 (VPN-1 NGX R60) 602080117 (VPN-1 NGX R61/R62/R65)
	Description:	Microsoft Excel File Handling Code Execution Protection


CPAI-2008-010
	Date:
	Update Number:	541080115 (VPN-1 NG R54/R55) 591080115 (VPN-1 NGX R60) 602080115 (VPN-1 NGX R61/R62/R65) 591080115 (VPN-1 VSX NGX) 592080115 (InterSpect NGX)
	Description:	Macrovision InstallShield Update Service ActiveX Control Protection


CPAI-2008-009
	Date:
	Update Number:	541080115 (VPN-1 NG R54/R55) 591080115 (VPN-1 NGX R60) 602080115 (VPN-1 NGX R61/R62/R65) 591080115 (VPN-1 VSX NGX) 592080115 (InterSpect NGX)
	Description:	VideoLAN VLC ActiveX Control Memory Corruption Protection


CPAI-2008-007
	Date:
	Update Number:	692080110 (Connectra NGX R61/R62)
	Description:	Integrity Clientless Security (ICS) Update 3.7.201.0


CPAI-2008-007
	Date:
	Update Number:	691080109 (Connectra NGX R60)
	Description:	Integrity Clientless Security (ICS) Update 3.7.201.0


CPAI-2008-005
	Date:
	Update Number:	541080108 (VPN-1 NG R54/R55) 591080108 (VPN-1 NGX R60) 602080108 (VPN-1 NGX R61/R62/R65) 591080108 (VPN-1 VSX NGX) 592080108 (InterSpect NGX)
	Description:	MS Windows Long IGMP Queries Protection (MS08-001)


CPAI-2008-004
	Date:
	Update Number:	541080108 (VPN-1 NG R54/R55) 591080108 (VPN-1 NGX R60) 602080108 (VPN-1 NGX R61/R62/R65) 591080108 (VPN-1 VSX NGX) 592080108 (InterSpect NGX)
	Description:	MS Windows Fragmented ICMP Router Advertisement Protection (MS08-001)


CPAI-2008-003
	Date:
	Update Number:	541080108 (VPN-1 NG R54/R55) 591080108 (VPN-1 NGX R60) 602080108 (VPN-1 NGX R61/R62/R65) 591080108 (VPN-1 VSX NGX) 592080108 (InterSpect NGX)
	Description:	Protections against Recent Malware Threats (09-Jan-08)


CPAI-2008-002
	Date:
	Update Number:	541080108 (VPN-1 NG R54/R55) 591080108 (VPN-1 NGX R60) 602080108 (VPN-1 NGX R61/R62/R65) 591080108 (VPN-1 VSX NGX) 592080108 (InterSpect NGX)
	Description:	AOL Radio AmpX ActiveX Buffer Overflow Protection


CPAI-2008-001
	Date:
	Update Number:	541080108 (VPN-1 NG R54/R55) 591080108 (VPN-1 NGX R60) 602080108 (VPN-1 NGX R61/R62/R65) 591080108 (VPN-1 VSX NGX) 592080108 (InterSpect NGX)
	Description:	HP Update Tool ActiveX File Overwrite Protection

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).