Holes in Firewall-1

Oct 05, 2007

Jan Rähm

Spanish security researchers have discovered several vulnerabilities in the "Firewall-1" security solution by software vendor Checkpoint, and are now questioning its Common Criteria EAL4+ certification.

Pentest penetration testers discovered various bugs in the form of buffer overflows in command line tools. The testers didn't even need to deploy code analysis tools, as they reveal in their analysis.

The subject of the test was Secure Platform R60, a distribution by vendor Checkpoint based on Red Hat Linux. Although the vulnerabilities were only local, the authors of the report still can't rule out remote attacks after analysis.

Although Checkpoint was notified of the vulnerabilities several months ago, a response has not been forthcoming, nor has an update of the firewall which can be used on various systems, such as Red Hat Enterprise Linux, Solaris 8 through 10, and Windows 2000 Server.

Related content

Huge Hole in Yoggie USB Stick Firewall

A full-fledged Linux computer on a USB stick: Yoggie uses this astonishing hardware trick to protect Windows machines against Web-based attacks. But there are some things that do not work as intended by the developers as an exhaustive test in Linux Magazine #94 / September will reveal. Just a few simple tricks were all it took to work around the firewall.

more »
Vulnerability in GNU "tar"

Linux distributor Red Hat has discovered a vulnerability in the GNU "tar" program that could allow attackers to overwrite files.

more »
KTools: KMyFirewall

Linux has a fantastic selection of firewalls for securing stand-alone computers or whole networks. Although you can use IPTables to set up a firewall, the configuration is often the most difficult step. KMyFirewall offers a powerful, user-friendly, GUI-based approach.

more »
Yoggie Gatekeeper Pico

This Linux computer on a USB stick acts as a tiny mobile firewall.

more »
Script Error Opens up Security Hole in Xen 3.0.3

A Red Hat update has just been released to close various vulnerabilities in the Xen virtualization solution, one of which was caused by an error in a Python script.

more »

comments powered by Disqus

Issue 212/Features

Buy this issue as a PDF

Digital Issue: Price $9.99

(incl. VAT)

DevOps

Reinvent your network with DevOps tools and techniques:

Ansible Configuration Management
AWS Automation Documents
Jekyll – A DIY HTML Engine
Automated Jenkins CI
Auditing Docker Containers in a DevOps Environment
Become a certified DevOps professional with the new Linux Professional Institute DevOps Tools Engineer certification."

News

GitLabs Drops Pricing after Microsoft, GitHub Acquisition

open source

GitLabs is creating more incentives for users to switch from GitHub.
KDE Plasma 5.13 Is Here

KDE

The desktop environment is designed to be more resource efficient.
SUSE Forks Red Hat’s Spacewalk Project

Red Hat , Red Hat Linux , SUSE

SUSE relies heavily on the project for its own SUSE Manager.
openSUSE Leap 15 Announced

Opensuse

The release was announced at the openSUSE Conference in Prague, Czech Republic.
SoftMaker FreeOffice 2018 for Linux

SoftMaker Software GmbH has announced FreeOffice 2018, a free of cost office suite for Linux.
A New CentOS

Latest version of the community Linux based on Red Hat Enterprise Linux 7.5
Ubuntu 18.04 Released

Ubuntu

“Bionic Beaver” comes with hardware-focused improvements and Gnome as the default shell.
Richard Stallman Calls Azure Sphere OS a Positive Step

Stallman is glad that Microsoft will respect user’s freedom.
Red Hat Enterprise Linux 7.5 Released

Community , Red Hat , Red Hat Linux

The latest release is focused on hybrid cloud.
Microsoft Releases a Linux-Based OS

Community , Kernel

The company is building a new IoT environment powered by Linux.