Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
From: Mark E (mjeWIN2000MAG.COM)
Date: Fri Sep 21 2001 - 11:06:01 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Original located here:

    September 19, 2001

    An issue exists in VPN-1/FireWall-1 Management Server running on Windows NT
    or Windows 2000. A malicious administrator can exploit a buffer overflow
    condition in the GUI authentication code to potentially impair management
    station functionality or to execute code. Any attack must come from an IP
    address explicitly defined as an authorized GUI client. Only management
    stations running Windows NT or Windows 2000 are affected. This includes any
    standalone VPN-1/FireWall-1 Gateways (with Management Server and enforcement
    points installed on the same machine), but does not include module-only
    (enforcement point) installations.

    This issue affects VPN-1/FireWall-1 4.0, 4.1, and Next Generation systems.
    Hotfixes for VPN-1/FireWall-1 4.0 SP8, 4.1 SP4, 4.1 SP5, and Next Generation
    Hotfix-2 are available for immediate download at

    Apply the relevant GUI Buffer Overflow Hotfix to the management station.

    Who is affected:
    All installations of VPN-1/FireWall-1 with Management Servers running on
    Windows NT or Windows 2000.

    Immediate workaround:
    Allow GUI connections only from trusted hosts.

    Changes made in the Hotfix:
    The buffer checking on the Management Server has been improved.

    Download Information:
    The GUI Buffer Overflow Hotfix is available for immediate download at the
    Software Subscription Download Site for the following versions:

    VPN-1/FireWall-1 4.0 SP8
    VPN-1/FireWall-1 4.1 SP4
    VPN-1/FireWall-1 4.1 SP5
    VPN-1/FireWall-1 NG HF2

    NOTE: Management Servers with versions older than those listed above must be
    first upgraded and then have the GUI Buffer Overflow Hotfix applied.

    ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net