YuChakTinMichael‘sGIACGCFWProjectAssignment
Page 47
n 20001101: CheckPointFirewall1ValidUsernameVulnerability
n 20000815: CheckPointFirewall1SessionAgentDictionaryAttack
Vulnerability
n 20000802: CheckPointFirewall1UnauthorizedRSH/REXECConnection
Vulnerability
n 20000705: CheckPointFirewall1SpoofedSourceDenialofService
Vulnerability
n 20000630: CheckPointFirewall1SMTPResourceExhaustionVulnerability
n 20000606: CheckPointFirewall1FragmentedPacketsDoSVulnerability
n 20000311: CheckPointFirewall1InternalAddressLeakageVulnerability
n 20000310: MultipleFirewallVendorFTP"ALG"ClientVulnerability
n 20000209: MultipleFirewallVendorFTPServerVulnerability
n 19991020: CheckPointFirewall1LDAPAuthenticationVulnerability
n 19990809: Firewall1Port0DenialofServiceVulnerability
n 19990729: FireWall1,FloodGate1,VPN1TableSaturationDenialof
ServiceVulnerability
n 19980924: CheckPointFirewall1SessionAgentImpersonation
Vulnerability
SomerecentmajorFW1bugsandvulnerabilitiesaredescribedinthefollowingweb
sites:
n http://www.tla.ch/TLA/NEWS/2000sec/20000731CheckPointTUV.htm
n http://www.securiteam.com/securitynews/FW1_IP_Fragmentation_vulnerability
__remote_DoS_.html
CheckPointoffersservicepacksandhotfixesonaregularbasis.Itisimportantfor
youtoinstallthelatestoftheseservicepacksandhotfixestosecureyourFW1
installation.InordertoobtainthesesoftwareyoumustsubscribetoCheckPoint’s
supportprogram,whichisavailableat
http://www.checkpoint.com/techsupport/downloads/downloads.html.
Asofthetimeofthiswriting,thelatestservicepackavailableforFW1version4.0is
SP8.
Commentaires sur ces manuels