Security flaw found in common firewall software
By Riva Richmond
Date: February 06, 2004
Source: Naples Daily News
NEW YORK — Two dangerous software flaws that could become attractive targets for hackers have been discovered in widely used computer-security software made by Check Point Software Technologies Ltd.
If hackers create programs to exploit the flaws, which security experts found in Check Point's firewall and virtual-private network software, they could wreak havoc on the corporate networks they're designed to protect.
Check Point's firewalls are used to control Internet traffic entering and leaving a corporate network. Virtual-private-network, or VPN, software, which typically runs alongside firewall software, employees working remotely to access corporate networks securely. The Israeli company is estimated to have a 50 percent share of the worldwide firewall/VPN software market.
"The most valuable target on the network is the firewall. There is really nothing a hacker can't do if he controls the firewall," said Dan Ingevaldson at Internet Security Systems Inc., a leading maker of intrusion-detection software and the outfit that discovered the flaws.
Ingevaldson said X-Force found one vulnerability in Check Point's Firewall-1 HTTP Security Server product and one in its VPN-1 Server and Securemote/SecureClient product. Both could provide a hacker with a way to gain full control of the programs.
The firewall flaw is fairly difficult to exploit, he said, but warned that all it takes is one skilled hacker to create an attack that could be widely shared among via the Internet. Check Point issued a "critical" bulletin and software update to fix the bug on its Web site Thursday.
The VPN flaw is in an older version of the software that Check Point no longer supports. Therefore, it hasn't created a software "patch" to fix the bug, Ingevaldson said.
Check Point couldn't be immediately reached for comment.
Shares of the company closed at $20.81 Thursday, up 14 cents, or 0.7 percent, on the Nasdaq Stock Market.
^macro[showdigestcomments;^uri;Security flaw found in common firewall software]