Check Point Advisories

IPS-1 Protection Update - Authentication (v 15), DDOS (v 12), DHCP (v 8), Enterprise Software (v 2), Finger (v 10), FTP (v 23), IRC (v 13), LPD (v 11)

Check Point Reference: CPAI-2007-208
Date Published: 17 Dec 2007
Severity: Medium
Last Updated: Monday 01 January, 2007
Source:  
Industry Reference:

 

Protection Provided by:
Who is Vulnerable?  
Vulnerability Description This advisory covers a set of protocol updates for the Authentication, DDOS, DHCP, Enterprise Software, Finger, FTP, IRC, and LPD protocol groups. The Authentication protocol group has been updated to ignore password strength tests for anonymous and guest users. Increased protocol compliance enforcement has been added to the FTP protocol group. The LPD protocol group has been updated to handle LPRng protocol extensions.  All protocol groups include documentation and configuration updates.
Vulnerability Details

In addition to documentation and metadata updates, the following protocol groups have been updated:

  • Authentication
    • Password strength tests are ignored for anonymous and guest users
  • DDOS
    • Stacheldradt commands are now user-editable
  • FTP
    • Improved protocol compliance enforcement
  • LPD
    • Handle LPRng protocol extensions

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK