Holes in Firewall-1

Oct 05, 2007

Jan Rähm

Spanish security researchers have discovered several vulnerabilities in the "Firewall-1" security solution by software vendor Checkpoint, and are now questioning its Common Criteria EAL4+ certification.

Pentest penetration testers discovered various bugs in the form of buffer overflows in command line tools. The testers didn't even need to deploy code analysis tools, as they reveal in their analysis.

The subject of the test was Secure Platform R60, a distribution by vendor Checkpoint based on Red Hat Linux. Although the vulnerabilities were only local, the authors of the report still can't rule out remote attacks after analysis.

Although Checkpoint was notified of the vulnerabilities several months ago, a response has not been forthcoming, nor has an update of the firewall which can be used on various systems, such as Red Hat Enterprise Linux, Solaris 8 through 10, and Windows 2000 Server.

Related content

KTools: KMyFirewall

Linux has a fantastic selection of firewalls for securing stand-alone computers or whole networks. Although you can use IPTables to set up a firewall, the configuration is often the most difficult step. KMyFirewall offers a powerful, user-friendly, GUI-based approach.

more »
Huge Hole in Yoggie USB Stick Firewall

A full-fledged Linux computer on a USB stick: Yoggie uses this astonishing hardware trick to protect Windows machines against Web-based attacks. But there are some things that do not work as intended by the developers as an exhaustive test in Linux Magazine #94 / September will reveal. Just a few simple tricks were all it took to work around the firewall.

more »
Yoggie Gatekeeper Pico

This Linux computer on a USB stick acts as a tiny mobile firewall.

more »
Version 2.5 of Gibraltar Security Software Released

Development of the new version of the Gibraltar security software took more than a year. The release of Gibraltar 2.5 sees enhanced functionality and simplified use.

more »
Script Error Opens up Security Hole in Xen 3.0.3

A Red Hat update has just been released to close various vulnerabilities in the Xen virtualization solution, one of which was caused by an error in a Python script.

more »

comments powered by Disqus

Issue 161/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News

Munich Adopts Kolab

The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open-source groupware solution.
Canonical Announces Ubuntu Smartphones

Mobile , Ubuntu

Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
Piviti Seeks Funding

Community

Donors will get to vote on new features for the free video editor.
Debian Tech Committee Votes for systemd

Community

Debian project puts init out to pasture and says no to Ubuntu's Upstart.
The Mask: Scary New Face of Internet Intrusion

Security

Ultra-sophisticated attack tool might have originated from a state-sponsored intelligence service.
Epoch 1.0 Released

Community

New alternative for init comes with a small footprint and minimal configuration.
Wayland 1.4 Challenges X11

Community

X marks the target for the next-generation windowing system.
Red Hat Adopts CentOS

Red Hat

Super-clone CentOS Linux gets beamed up to the mother ship.
W3C Promotes Media Source Extensions

HTML

HTML technology will enable new video editing and playback options.
Valve Announces SteamOS Beta

New Linux distro is optimzed for gaming.

Holes in Firewall-1

Related content

Issue 161/2014

Buy this issue as a PDF

Tag Cloud

News