Thread: New SmartDefense Updates

user name
2006-09-14 17:06:44
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings,

New SmartDefense Updates have been released today, September 14, 2006
for users of VPN-1 NGX R61 & R60, VPN-1 NG with Application
Intelligence R55W, R55 & R54, users of InterSpect NGX & 2.0 and users
of Connectra NGX R61.

Indexing Service Cross-Site Scripting Vulnerability (MS06-053)
Overview: A cross-site scripting (XSS) vulnerability exists in
Microsoft Windows Indexing Service. Indexing Service is a feature that
supports rapid searching of file contents and properties by extracting
information from files and storing it in indexes organized for fast
searching. A remote attacker can exploit this vulnerability to execute
arbitrary commands on an affected system. The Update enables the HTTP
Worm Catcher to detect and block the vulnerability based on pre-defined
worm signatures.
For more information, refer to CPAI-2006-110 at
http://www.checkpoint.com/defense/advisories/public/2006/cpai-13-Sepa.html

Protect Yourself against Multiple Remote Desktop Protocol (RDP)
Vulnerabilities
Overview: The Remote Desktop Protocol (RDP) lets users create a virtual
session on their desktop computers, allowing remote users to access all
the data and applications on their computers. As you interact with the
client system, keystrokes and mouse events are sent over the connection
to the remote system, which sends back screen information for the
client program to display. The RDP protocol operates over any TCP/IP
network and is implemented by Terminal services in Windows 2000,
Windows Server 2003 and Remote Desktop Sharing services in Windows XP.
The Remote Desktop Protocol is prone to multiple security threats
coming from non-Windows clients such as Linux and Tarantella,
connections attempted from ports other than the default RDP port
(TCP/3389), RDP connections that take a lot of bandwidth, threats
inherent to certain versions of RDP (e.g. 5.x, 4.x) and more. By
sending a specially crafted RDP request, a remote attacker could
trigger these vulnerabilities to gain sensitive information or cause a
denial of service. The update addresses RDP vulnerabilities by properly
handling RDP traffic, enforcing that RDP traffic will be composed of a
single message per packet (the default RDP handshake). The update also
addresses RDP bandwidth control, blocking of specific RDP versions,
blocking of non-RDP clients connecting to RDP servers, blocking of RDP
traffic on ports other than the default RDP port (TCP/3389) and more.
For more information, refer to SBP-2006-07 at
http://www.checkpoint.com/defense/advisories/public/2006/sbp-20-Aug.html

Links to the recent SmartDefense Advisories are available at:
http://www.checkpoint.com/defense/advisories/public/summary.html

Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/public/overview.html

To sign up to the mailing list, send an email to
listservamadeus.us.checkpoint.com with the text
"SUBSCRIBE SMARTDEFENSE-NEWS" in the email body.

To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF SMARTDEFENSE-NEWS" in the email body.

As always, please feel free to contact us directly if you have any
comments or questions (sda-infoCheckPoint.com).

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRQmMJFqiP0SjohCrEQKHRgCeKteRnxSoC8kP8YdMsTLbnGaVnuYA
nRjH
aEIr0dye3AsIhBZ9taTco3+S
=+yYP
-----END PGP SIGNATURE-----
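
The RDP enforcement described in the message (default port only, RDP clients only, one message per packet) can be illustrated on the first client payload of a TCP flow. This is an added example, not part of the original message and not Check Point's implementation; it assumes the standard TPKT (RFC 1006) and X.224 framing that RDP uses, and the function names and sample bytes are constructed for illustration.

```python
import struct

RDP_PORT = 3389                  # default RDP port named in the advisory
TPKT_VERSION = 3                 # TPKT header version (RFC 1006)
X224_CONNECTION_REQUEST = 0xE0   # X.224 CR TPDU code, first PDU an RDP client sends
MIN_LEN = 4 + 7                  # TPKT header + fixed part of an X.224 CR


def check_first_packet(dst_port, payload):
    """Return (verdict, reason) for the first client payload on a TCP flow."""
    if dst_port != RDP_PORT:
        return ("block", "RDP on non-default port")
    if len(payload) < MIN_LEN:
        return ("block", "too short for TPKT and X.224 headers")
    version, _reserved, tpkt_len = struct.unpack(">BBH", payload[:4])
    if version != TPKT_VERSION:
        return ("block", "not TPKT framing")
    # One message per packet: the TPKT length must cover the payload exactly.
    if tpkt_len < len(payload):
        return ("block", "more than one message in packet")
    if tpkt_len > len(payload):
        return ("block", "incomplete message in packet")
    length_indicator, tpdu_code = payload[4], payload[5] & 0xF0
    if tpdu_code != X224_CONNECTION_REQUEST:
        return ("block", "first PDU is not an X.224 connection request")
    # The X.224 length indicator counts every byte after itself.
    if length_indicator != tpkt_len - 5:
        return ("block", "X.224 length does not match TPKT length")
    return ("allow", "single well-formed RDP connection request")


def build_connection_request(cookie=b"Cookie: mstshash=user\r\n"):
    """Constructed sample: a minimal RDP connection request (not captured traffic)."""
    x224 = bytes([X224_CONNECTION_REQUEST, 0, 0, 0, 0, 0]) + cookie
    body = bytes([len(x224)]) + x224
    return struct.pack(">BBH", TPKT_VERSION, 0, 4 + len(body)) + body


if __name__ == "__main__":
    sample = build_connection_request()
    for port, data in [(3389, sample), (3390, sample), (3389, sample + sample),
                       (3389, b"SSH-2.0-OpenSSH_4.3\r\n")]:
        print(port, len(data), check_first_packet(port, data))
```

A real gateway reassembles TCP before applying such checks; this example treats each payload as already delivered in one piece.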