Check Point Patches Severe FireWall-1 Flaws
The vulnerabilities enable attackers to execute commands on the vulnerable server.

Check Point Software Technologies Ltd. on Wednesday released a fix for a set of severe security vulnerabilities in its FireWall-1 product that enable attackers to execute commands on the vulnerable server. The problems are a group of format string flaws that appear when FireWall-1 attempts to validate HTTP requests, according to analysts at Internet Security Systems Inc., which discovered the flaws. Error messages created when an invalid portion of a request is specified allow attackers to provide their own format string specifiers. This in turn can lead to corruption of memory and give attackers the ability to run their own code on the server with super-user privileges.
FireWall-1 is among the more widely deployed enterprise firewalls on the Internet.
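The class of bug described above, shown from the defender's side as an added example. It is a generic C illustration, not Check Point's code and not part of the original article. The function names and the sample request are assumptions constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (shown only as a comment, never compiled):
 *     snprintf(msg, len, untrusted);   // request text used as the format
 * Hardened pattern: the format is a constant and the request text is data,
 * so any '%' sequences in it are copied verbatim instead of interpreted. */
int build_error_message(char *msg, size_t len, const char *untrusted)
{
    return snprintf(msg, len, "invalid request field: %s", untrusted);
}

/* Count printf-style conversion specifiers in untrusted text so a proxy or
 * log pipeline can flag the request. "%%" is a literal percent sign and is
 * not counted. This is a simple heuristic, not a full printf grammar. */
int count_format_specifiers(const char *s)
{
    int count = 0;
    while (*s) {
        if (*s != '%') { s++; continue; }
        s++;                                  /* step past '%' */
        if (*s == '%') { s++; continue; }     /* "%%" is an escaped percent */
        /* skip flags, width, precision and length modifiers */
        while (*s && strchr("-+ #0123456789.*hlLqjzt$", *s)) s++;
        /* a conversion character completes the specifier */
        if (*s && strchr("diouxXeEfFgGaAcspn", *s)) { count++; s++; }
    }
    return count;
}

int main(void)
{
    /* Constructed sample input, not taken from any real request. */
    const char *field = "GET /%x%x%n 100%% HTTP/1.0";
    char msg[128];

    build_error_message(msg, sizeof msg, field);
    printf("%s\nspecifiers flagged: %d\n", msg, count_format_specifiers(field));
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` makes GCC and Clang warn when a non-literal string is passed as the format argument, which catches the vulnerable pattern at build time.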