An update has been released for the SSL Network Extender, Endpoint Security Client, Endpoint Connect and Endpoint Security VPN software packages that fixes a new security flaw. These packages implement network security mechanisms that protect communication between network endpoints. The exact cause of the flaw has not been disclosed, but it is known that local, malicious users can exploit it to gain elevated privileges on a vulnerable system. An official patch that fixes the described flaw has been released, and all users are advised to apply it.

Check Point Endpoint Security Flaw in SNX Service Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1025207
SecurityTracker URL:  http://securitytracker.com/id/1025207
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Mar 14 2011
Impact:   Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): R73
Description:   A vulnerability was reported in Check Point Endpoint Security. A local user can obtain elevated privileges on the target system.

A local user can exploit a flaw in the SNX service to gain Local System privileges.

The Check Point SSL Network Extender, Endpoint Security Client, Endpoint Connect, and Endpoint Security VPN products are affected.

The following product versions are not affected:
* EPS R80
* EPS R73 HFA01
* EPC R73 HFA01
* EPS R75 VPN
* SNX R75
* SNX R71.30

All other versions of SNX, EPS and EPC are affected.

Thierry Zoller and Nagib Guettiche of Verizon Business (www.verizonbusiness.com) reported this vulnerability.
Impact:   A local user can obtain Local System privileges on the target system.
Solution:   The vendor has issued a fix (SNX Security HotFix), available at:

http://updates.checkpoint.com/fileserver/ID/11879/FILE/SNX_SHF_sk60510.zip

The vendor's advisory is available at:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60510
Vendor URL:  supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60510
Cause:   Not specified
Underlying OS:   Windows (Any)

Message History:   None.

