February 05, 2004, 9:25 AM — Internet Security System Inc. (ISS) Wednesday issued a warning of critical vulnerabilities in Check Point Software Technologies Ltd.'s Check Point Firewall-1 and Check Point VPN-1 Server and SecuRemote and SecureClient VPN (virtual private network) clients.
The first vulnerability is related to a flaw in the HTTP Security Server application proxy that ships with all versions of Firewall-1 that can allow remote attackers to modify or tamper with the firewall rules and configuration, allowing them to compromise the security of the network, ISS said in a statement.
A second flaw within the ISKMAP processing for VPN-1 Server, SecuRemote and SecureClient can allow a remote attacker to compromise the security of any VPN-1 server or client running SecuRemote and SecureClient, it said.
Check Point no longer supports the versions of VPN-1 and SecureRemote/SecureClient affected by this vulnerability, ISS said. Check Point recommends that affected users upgrade to Firewall-1 NG FP1 or greater, it said.
Check Point could not immediately be reached for comment.