| VID |
29079 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Check Point Firewall-1 HTTP Security Server has multiple format string vulnerabilities, which allow a remote attacker to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message. A remote unauthenticated attacker may exploit one of these vulnerabilities and execute commands under the security context of the super-user, usually "SYSTEM", or "root".
* Platforms Affected:
Check Point Software Next Generation FP3 HF2
Check Point Software Next Generation FP3 HF1
Check Point Software Next Generation FP3
Check Point Software Next Generation FP2
Check Point Software Next Generation FP1
Check Point Software Next Generation
Check Point Software NG-AI R55
Check Point Software NG-AI R54
Check Point Software NG-AI
* References:
http://www.kb.cert.org/vuls/id/790771
http://www.checkpoint.com/techsupport/alerts/security_server.html
http://www.ciac.org/ciac/bulletins/o-072.shtml
http://xforce.iss.net/xforce/alerts/id/162 |
| Recommendation |
Check Point has made fixes available to resolve this issue. Customers with support contracts may obtain fixes from Check Point support channels. For additional details, see the Check Point security advisory at http://www.checkpoint.com/techsupport/alerts/security_server.html .
As a workaround, if it is not required, disable HTTP Security Servers or the Application Intelligence component, as appropriate. |
| Related URL |
CVE-2004-0039 (CVE) |
| Related URL |
9581 (SecurityFocus) |
| Related URL |
14149 (ISS) |
|
