New SmartDefense Updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Greetings,


New SmartDefense Updates have been released today, July 16,
2007 for users
of VPN-1 NGX R65, R62, R61, R60, VPN-1 NG with Application
Intelligence
R55W, R55 & R54, users of InterSpect NGX & 2.0 and
users of Connectra NGX
R62 & R61. 

 
MIT Kerberos Multiple Remote Code Execution Protections
Overview: Multiple vulnerabilities have been reported in the
Kerberos
Administration Server. Kerberos is a protocol suite that
provides
authenticated communication between two points on a network.
The Kerberos
V5 administration server (kadmind) utilizes the encrypted
SUN-RPC protocol
to communicate with its remote clients. A remote attacker
may exploit these
vulnerabilities to execute arbitrary code on an affected
system. By
enabling this protection, SmartDefense will detect and block
malformed RPC
requests.
For more information, refer to CPAI-2007-078 at
http://www.checkpoint.com/defense/advis
ories/public/2007/cpai-03-Jul.html

Samba NetDFS RPC Remote Code Execution Protection
Overview: A buffer overflow vulnerability has been reported
in Samba. Samba
is an open-source implementation of the network services
suite SMB/CIFS.
Samba implements many protocols and services, including the
vulnerable
NetDFS Service component which can be accessed through a
Remote Procedure
Call (RPC) interface. An attacker may exploit the
vulnerability to execute
arbitrary code on a target system via a specially crafted
RPC request. By
enabling this protection, SmartDefense will detect and block
malformed RPC
requests sent to the NetDFS RPC interface.
For more information, refer to CPAI-2007-079 at
http://www.checkpoint.com/defense/advi
sories/public/2007/cpai-19-Junb.html

Security Best Practice: Blocking Skype
Overview: Instant Messaging applications allow communication
and
collaboration between Internet users using various modes of
communication,
including instant messages exchange, voice and video,
application sharing,
white board, file transfer and remote assistance. Skype is a
widely used
program for communicating with other users over the
Internet. This program
is prone to multiple vulnerabilities. By enabling this
protection,
SmartDefense will detect and block Skype version 3.2.0.175
and prior.
For more information, refer to SBP-2007-07 at
http://www.checkpoint.com/defense/adviso
ries/public/2007/sbp-03-Jul.html


Links to the recent SmartDefense Advisories are available
at:
http://www.checkpoint.com/defense/advisories/pub
lic/summary.html 

Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/pu
blic/overview.html  

To sign-up to the mailing list, send an email to
listservamadeus.us.checkpoint.com with the text
"SUBSCRIBE
SMARTDEFENSE-NEWS" in the email body.

To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF
SMARTDEFENSE-NEWS" In the email body.

As always, please feel free to contact us directly if you
have any comments
or questions (sda-infoCheckPoint.com). 

 

 

 

 

 

 


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wsBVAwUBRpu1Fay7i8j/RTzHAQiqhggAp0QqHnzGxhb6JC9sLMKSBzEOvO/J
8Dhf
2Dly1Ro8OprQc6z/W5UkSzvaW9xdEJeooqcsr+OIf6TJr1/EnXUU3XGsaOku
At/S
5E+Yc8W/M29pFMg7bNs995EYpLEKHoAulQucYWSBp6QrXSoK+rENwLz0EMqW
SziK
QHx/W0TT8LqyICDX3QYTE+8HWzS8hdYjMnkTq0P7/r0vsmkaUhHQui10ZHky
RrBC
KUjHiu/WR3Tg0J89XvreyGIn7LiKTWocVG1lEfMJCk7BuQolxBA7UdHn9JFK
ajve
fQVVXQihA3UKK9HuviYrWrbzS7ElL1te4XC55LDSfCBQd4ShCRbs9g==
=aE24
-----END PGP SIGNATURE-----