lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1076074874.25156.59.camel@power.post.ch>
Date: Fri, 06 Feb 2004 14:41:15 +0100
From: Markus Wernig <listener@...nig.net>
To: bugtraq@...urityfocus.com
Subject: Re: Two checkpoint fw-1/vpn-1 vulns


On Thu, 2004-02-05 at 17:22, Bjørnar Bjørgum Larsen wrote:
> see

> http://xforce.iss.net/xforce/alerts/id/162
> 

It is in fact a bit confusing, as ISS states that any FW-1 AI
installation is vulnerable, as soon as AI is enabled (which it is by
default), while Checkpoint claims that only systems with the HTTP
security servers enabled (which you have to do explicitly) are
vulnerable.

Does anybody have any reliable information about that?
Does anybody know how a possible attack could work or even have a hint
how to craft a snort signature? (Please excuse the irony snort::ISS, it
is not intended)

rgds /markus

--
Markus Wernig
UNIX/Network and Security Engineer
 
-> GPG: markus.wernig.net/pubkey
-> Linux User Group Bern: www.lugbe.ch
-> Freie Software f. die Schweiz: wilhelmtux.ch




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ