Firewall flaw could allow hackers into corporate networks

Check Point releases patch...

By Robert Lemos, 5 February 2004 08:55

Two flaws in Check Point Software's flagship firewall software could allow an attacker to crash or compromise its firewall products, the company said on Wednesday.

The flaws - found by security firm Internet Security Systems (ISS) - may give intruders access to corporate networks through the devices designed to keep attackers out.

"Really controlling the firewall is controlling the gatekeeper for the network," said Dan Ingevaldson, director of vulnerability research and development for ISS. "If [an attacker] can control all the data going in and out - really, the game is over at that point."

Check Point released a patch for its latest line of firewalls, the NG, or Next Generation series. The patch corrects a flaw in the way the software inspects web data passing through the device. The second flaw affects the company's earlier virtual private network product, VPN-1, and won't be fixed, as Check Point no longer supports the software.

"About 70 per cent [of our customers] or better are on NG," said Mark Kraynak, product marketing manager for Check Point. "The [earlier version] is no longer supported, so customers still on [that version] are in the process of migrating."

Ingevaldson said the vulnerabilities are serious, but that writing the code to exploit the issues is not easy.

"If you look at the history of the vulnerabilities in Check Point, a lot of them have been theoretical," he said. "In this case, what we are looking at is a machine working in a default environment, in default conditions, and they are still vulnerable."

Both Check Point and ISS have released advisories on the issues.

Robert Lemos writes for CNET News.com
