Telecom and Logistics Associates 

new6.gif (1031 bytes) TLAalert    Security Service 
Translate this page from:  publication: Christian ALT 
  Save Time and Money

TLAnews: Security NEWs Service 

 25.7.2000 SecurityRumour Potential vulnerability of Checkpoint's firewall
John McDonald, a security consultant at Data Protect GmbH in Munich, said he has discovered an anomaly that could allow hackers to get through FireWall-1.

French: Rumeur une vulnérabilité potentielle dans le firewall de Checkpoint
John McDonald, un consultant en sécurité de la société Data Protect GmbH de Muenich, dit qu'il a découvert une anomalie qui pourrait permettre à des pirates de passer au travers de FireWall-1

Home
Consulting
Tech Doc
FW-1 FAQ
Training
Products
TLAnews
Archive
Advertising
 

TLAnews.com
Information for security concerned people

 
Register to TLAnews letter
 

 

 

 

 
English version
"We found some ... extra functionality in the firewall and we found ways to use it that the designer didn't consider," he said.

Under certain circumstances, said Mr. McDonald, the hacker can not only penetrate the system, but actually gain administrative control and the ability to determine who can get at the data protected by the barrier. "This is a bug, it's something [the designers] didn't think all the way through," he said.

But Mr. McDonald revealed few details of his findings. He said he is planning to go public along with the two other members of his team this week at Black Hat, a computer security industry conference in Las Vegas.

Check Point confirmed the company is aware of the work done by Mr. McDonald and his company. The company has seen no evidence of a problem with the FireWall-1 software that might allow an unauthorized user to take administrative control

 
Résumé en français

Selon lui "Nous avons trouvé... une fonctionnalité supplémentaire dans le firewall et ue manière de l'utiliser, imprévue par les développeurs."

Dans certaine circonstance, selon les dires de M. McDonald, non seulement le pirate peut pénètre le système, mais il peut obtenir son contrôle en administration, et la possibilité de déterminer qui peut accèder aux données protégées par cette défense.

Pour le moment aucuns détails n'ont été révélés. Ils le seront dans le cadre de la conférence Black Hat qui se tient à Las Vegas cette semaine.

Checkpoint confirm qu'ils sont au courant de ces travaux, mais pour le moment ils disent ne pas avoir de preuves de cette situation.

Un correctif logiciel est toutefois prevu, mais nous ne savons pas si il concernera cette "vulnérabilité potentielle".

Checkpoint get a lot of rumours about vulnerabilities, but to date no compromise has been seen . If someone says they found something, then at Checkpoint they work with them. 

Check Point has a package of software enhancements scheduled to go out to FireWall-1 customers shortly. But we do not know if the vulneravility will be corrected

News of Mr. McDonald's discovery has been circulating in hacker circles and his presentation is eagerly anticipated.

From what we learned, "the vulnerability is dependent on how the software is set up, noting that if the user follows Check Point's instructions closely, the product will be less vulnerable. The most recent version of the software is much less vulnerable than previous versions." But it seems the flaw comes from a common configuration mistake which is a common one.

This part is what we like the most, because it is what we see daily.

"Though frequently installed by experts, he said, firewalls tend to be maintained by an employee at the company, the system administrator, who fine-tunes the firewall to meet company needs."

Stay tuned we will follow that one for you

 

Related information


more security information with TLAnews ...

Author information.
Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved.
Revised: juillet 25, 2000 .

All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the facts of the particular situation.