----- Forwarded message from Scott Walker Register <scott.registerat_private> ----- From: Scott Walker Register <scott.registerat_private> To: aleph1at_private Cc: certat_private Subject: Check Point response to RDP Bypass Date: Mon, 9 Jul 2001 10:33:42 -0500 Message-ID: <Chameleon.994689280.walker@stinky> X-Mailer: Z-Mail Pro 6.2, NetManage Inc. [ZM62_16E] Check Point uses a protocol called RDP (UDP/259) for some internal communication between software components (this is not the same RDP as IP protocol 27). By default, VPN-1/FireWall-1 allows RDP packets to traverse firewall gateways in order to simplify encryption setup. Under some conditions, packets with RDP headers could be constructed which would be allowed across a VPN-1/FireWall-1 gateway without being explicitly allowed by the rule base. A hotfix is available for immediate download which addresses this issue. Further details are available at http://www.checkpoint.com/techsupport/alerts/ . Check Point acknowledges Jochen Bauer and Boris Wesslowski of Inside Security GmbH, Stuttgart, Germany, for this contribution and their ethical and forthright cooperation. ----- End forwarded message ----- -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
This archive was generated by hypermail 2b30 : Mon Jul 09 2001 - 11:38:12 PDT