Check Point plays down FireWall-1 bug reports

Security giant Check Point has played down the seriousness of reports of multiple vulnerabilities in a supposedly locked-down version of its flagship FireWall-1/VPN-1 security software. Spanish security firm Pentest discovered multiple buffer overflow vulnerabilities during the course of a comprehensive security evaluation of …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Dug Song rolls over in his grave

    (Dug cries, "Wait, wait, I'm not dead yet!")

    No-one wants to see the bugs in FW-1/VPN-1 because it becomes too hard to justify the licensing fees they're continually shelling out of the budget.

    Just ask about the RTM bug in R60-R65... want your firewalls to just randomly hang because of bad memory management? This'll do!

  2. Bhavin Desai

    A Quick Note on Common Criteria and Penetration Testing

    There is a difference in scope and objectives between Common Criteria evaluation and penetration testing.

    Common Criteria evaluation focuses primarily on ensuring that there are no exploitable vulnerabilities in the composite environment formed by the Product being evaluated together with the Physical, Procedural, and Personnel countermeasures established by the System (or Site) Security Policy.

    Penetration testing attempts to find ANY kind of security problem and focuses ONLY on the product being tested (regardless of any other aspects of the environment).

    The difference in scope between Common Criteria and penetration testing often leads to misunderstanding and confusion. Each side has its "truth" but the other side "can't handle the truth". This has been the case for many years.

    In particular, it is possible for a product to get a Common Criteria certificate even if it has multiple security faults, provided that the securely configured product in its securely configured environment has no exploitable vulnerabilities.

    There are also the usual issues about the attacker wanting recognition & prestige, and the victim wanting damage limitation to preserve image & business.

  4. John

    Hmmm This is not a hack... it is stupid.

    From what I have read you have to be at the console or connected remotely through SSH.

    I can understand why Check Point didn't take him seriously... If you got that far you can blow up the firewall, why play with commands at the OS level? The point really is:

    1 - that your firewall rules shouldn't leave connections via SSH open so that someone can do this.

    2 - Physical security of the firewall itself (and use of secure passwords) keeps people out of the console.

    John

  5. Matthew de Carteret

    exploits oh my!

    I'm waiting for a vulnerability assessment that has one line... User could have console access after logging in! oh no!

    Some of these vuln assessments, although informative, try to push themselves too far. Seriously, if you can log into a box, why would you use an attack to do things? That's like putting a grenade in a corpse... it's pure overkill and not needed.

    This industry is suffering from everyone having a poke at things and when it shakes calling it a vulnerability.
