New Banner 3


Find out more about ProCheckUp's services including: Penetration Testing, PCI QSA and PCI ASV.

More detail

Client Quote

ProCheckUp are extremely flexible in meeting our requirements. The output is professional and of a consistently high standard with clear evidence that the testers are at the top of their game.

Check Point dismisses firewall vulnerability research

16 November 2012 by Dan Raywood, SC Magazine

Check Point has dismissed claims of flaws in its firewalls.

Research from penetration testers ProCheckUp found a number of vulnerabilities in the market leading Check Point firewall device which it claimed could be used to carry out attacks on end-users.

ProCheckUp said that it created a proof of concept which demonstrated that when combining vulnerabilities, they can could completely subvert the protective nature of the firewall so that the firewall could be used to carry out attacks on any internal network or wireless end-users.

It said: "Although cross-site scripting, cross-site request forgery, offsite redirection and information disclosure vulnerabilities are well exercised, it should be stressed that these have been found on a security appliance which may affect a large number of organisations, as these devices are commonly used." It advised Check Point customers to upgrade to firmware version 8.2.44.

In response, Check Point said that it released firmware version 8.2.45 in October 2011 to fixes these vulnerabilities and said that to exploit these vulnerabilities (if they are unpatched), an attacker has to trick the firewall administrator to visit a malicious site while they are logged into the firewall WebUI.

"Check Point thanks technical director Richard Brain and ProCheckUp for the responsible disclosure of these issues," it said.

In response, Brain said: "There is a session management issue - so if the firewall administrator does not explicitly log off, the session remains active for a number of hours, making XSRF attacks more viable.

"The core point of the local access issue; is that normally with appliances you have to perform a factory reset to defaults if you lose the password. With the exploit you can access the admin password without needing a factory reset. Finally no security related device should be vulnerable to XSS flaws in 2012."

The following article appears on SC Magazine. You can  click here to read it in its original source.

Back To listing