-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings,
New SmartDefense Updates have been released today, July 16,
2006 for users
of VPN-1 NGX R61 & R60, VPN-1 NG with Application
Intelligence R55W, R55 &
R54, and users of InterSpect NGX & 2.0.
ASP.NET is collection of technologies within the.NET
Framework that enable
developers to build Web applications and XML Web Services.
An information
disclosure vulnerability exists in ASP.Net that could allow
an attacker to
bypass ASP.Net security and gain unauthorized access to
objects in the
Application folder. The Update enables the HTTP Worm Catcher
to detect and
block the vulnerability based on pre-defined worm
signatures.
For more information, refer to CPAI-2006-087 at
http://www.checkpoint.com/defense/advis
ories/public/2006/cpai-12-Jul.html
Cisco Unified CallManager software is the call-processing
component of the
Cisco Unified Communications system. The web interface used
to administer
Cisco CallManager software fails to properly validate user
input. A
specially crafted request could cause the CallManager web
interface to
include malicious JavaScript in its response. Once the
response is
processed, the malicious JavaScript payload will be executed
in the browser
of the victim. The Update enables the HTTP Worm Catcher to
detect and block
the vulnerability based on pre-defined worm signatures.
For more information, refer to CPAI-2006-085 at
http://www.checkpoint.com/defense/advis
ories/public/2006/cpai-10-Jul.html
Geeklog is a PHP/MySQL based application for managing
dynamic web content.
Geeklog CMS fails to validate multiple file extensions,
potentially
allowing a remote attacker to upload malicious script code,
which will be
executed in the context of the webserver process. The Update
enables the
HTTP Worm Catcher to detect and block the vulnerability
based on
pre-defined worm signatures.
For more information, refer to CPAI-2006-084 at
http://www.checkpoint.com/defense/advi
sories/public/2006/cpai-09-Jula.html
WebAttacker is a spyware kit sold on a Russian website for
$15. The kit
includes scripts designed to make simpler the task of
infecting computers:
the buyer spams out a message to email addresses inviting
them to visit a
compromised website. Once the user enters the compromised
website, The
website attempts to download the malicious code remotely
onto the user's PC
by taking advantage of known web browser and operating
system
vulnerabilities. The Update enables the HTTP Worm Catcher to
detect and
block the vulnerability based on pre-defined worm
signatures.
For more information, refer to CPAI-2006-083 at
http://www.checkpoint.com/defense/advis
ories/public/2006/cpai-09-Jul.html
Plume CMS is a Content Management System in PHP on top of
MySQL. Plume CMS
contains a flaw that may allow an attacker with the ability
to craft a URL
to include and execute arbitrary code on the target system.
The Update
enables the HTTP Worm Catcher to detect and block the
vulnerability based
on pre-defined worm signatures. For more information, refer
to
CPAI-2006-086 at
http://www.checkpoint.com/defense/advi
sories/public/2006/cpai-10-Jula.html
Links to the recent SmartDefense Advisories are available
at:
http://www.checkpoint.com/defense/advisories/pub
lic/summary.html
Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/pu
blic/overview.html
To sign-up to the mailing list, send an email to
listserv amadeus.us.checkpoint.com with the text
"SUBSCRIBE
SMARTDEFENSE-NEWS" in the email body.
To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF
SMARTDEFENSE-NEWS" In the email body.
As always, please feel free to contact us directly if you
have any comments
or questions (sda-infoCheckPoint.com).
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBRLp9W1qiP0SjohCrEQKBDQCbBYxx6tI+3f7FBEztVGFVfFQSpKsA
n374
zdg7VI6oec05/YXIUDUdQG3B
=wEmn
-----END PGP SIGNATURE-----
|