WebDAV Internet Information Services Vulnerabilities
A vulnerability has been disclosed in the WebDAV extension of Microsoft Internet Information Services (IIS). A hacker could use this vulnerability to gain access to a location that typically requires authentication. Check Point’s VPN-1, VSX, and IPS solutions have had protections that defend against attacks that use these vulnerabilities since May 19th.
DirectShow QuickTime Vulnerability
A remote code execution vulnerability has been discovered in Microsoft’s DirectShow QuickTime Movie Parser filter. Successful exploitation may allow an attacker to take complete control of a target system. Since June 1st Check Point has provided immediate protection against exploits that use this unpatched vulnerability through its integrated IPS offerings.
Multiple Vendors NTP Daemon Vulnerability
A buffer overflow vulnerability has been reported in the ntpd (NTP daemon). This vulnerability has been rated highly critical and the affected software is very common in enterprise environments. A remote attacker may exploit this issue to crash the service and execute arbitrary code. Check Point has provided a protection that detects and blocks crafted packets sent to the NTP daemon since June 1st.
June 9, 2009
IN THIS ADVISORY:
- WebDAV Internet Information Services Vulnerabilities
- DirectShow QuickTime Vulnerability
- Multiple Vendors NTP Daemon Vulnerability
- Protecting Only Internal Hosts
Tip: Protecting Only Internal Hosts
Inspecting outbound traffic targeting hosts outside of your organization can be a waste of your time and resources. Not only does it increase the inspection load on your gateway, but it also results in unnecessary logs. The IPS Software Blade allows you to configure your setup to focus inspection only on traffic that may be hazardous to your organization's internal hosts (including your DMZ), and not inspect traffic that is targeting hosts outside your network.
- Double click the gateway.
- Click IPS
- Select Protect internal hosts only
- Install the policy
|» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
More Updates >
|Have SmartDefense feature questions?
Participate in the SmartDefense User Forum. The SmartDefense Forum is your space for asking questions regarding all SmartDefense features, and to collaborate with other SmartDefense users, worldwide, on SmartDefense-related issues. Check Point employees may monitor the forum and provide information on the issues posted.
|Know someone who should be getting the Advisories?
» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information to its R65 products through SmartDefense Services, and to Check Point R70 products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com
|You have received this notification because either you have a User Center account or you have subscribed to the Check Point Security Advisory. If you would prefer to no longer receive security alerts and defense notifications please click the Unsubscribe link below.
©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065