
ToolTalk Database Server Vulnerability Discovered

Check Point : 29 July, 2010  (Technical Article)
Check Point customers protected against possible remote injection attack on ToolTalk Database
The Check Point IPS Research team has recently discovered a critical vulnerability in a function of the ToolTalk Database Server Parser that can potentially enable a remote attacker to inject and execute arbitrary code on the affected system.

Check Point customers are protected against this vulnerability with the Check Point IPS Software Blade and NGX SmartDefense, which provide immediate protection by detecting and blocking malformed database requests.

The vulnerability is in the RPC-based ToolTalk database server, which creates and manages database files. It affects all system users with IBM AIX Version 6.1.3 and lower, Sun Solaris 10 Sparc/x86 and lower, as well as HP HP-UX 11.0 and lower. The vulnerability was discovered and responsibly disclosed to vendors by the Check Point IPS Research team, which conducts original research on network, protocol and application vulnerabilities and identifies potential exploits before they are introduced into the wild. Check Point recommends applying the latest vendor patches and getting immediate protection by applying the latest IPS update.

In addition, Check Point announced today that its IPS Software Blade and NGX SmartDefense solutions protect against the two zero-day vulnerabilities Microsoft recently patched:

The Windows Help and Support Center (HSC) vulnerability - A zero-day threat that can enable a remote attacker to entice a user to open a maliciously crafted HTML file with Internet Explorer and execute arbitrary code on the affected system.

The Canonical Display Driver vulnerability - A critical zero-day threat that may be exploited by convincing a user to view a specially crafted image file with an affected application.

Check Point IPS solutions provide intrusion prevention capabilities integrated into Check Point gateways that detect and block attempts to exploit these vulnerabilities. Check Point IPS products are supported by Check Point's Update Services, which provide ongoing and real-time updates and configuration advisories for defences and security policies. Check Point protections are developed and distributed by Security Research and Response Centres located around the globe.

Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, next generation firewall intrusion prevention capabilities at multi-gigabit speeds, with pre-emptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. Software Blades are independent and flexible security modules that enable companies to select the functions they need to build a custom Check Point Security Gateway.