Check Point Firewall-1 SMTP资源消耗漏洞

漏洞信息详情

Check Point Firewall-1 SMTP资源消耗漏洞

• CNNVD编号：CNNVD-200006-117
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0582
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2000-06-30
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-01-04
  
• 厂        商：
  
  checkpoint
• 漏洞来源：
  Posted to BugTraq …

Check Point FireWall-1 4.0和4.1版本存在漏洞。远程攻击者通过发送无效命令流（例如二进制0）到SMTP安全服务器代理导致拒绝服务。

These latest Service Packs address the described denial of service issue. It is important to note that even without the new service packs installed, this attack does not disable firewall operations in general, only operation of the SMTP Security Server, since the Security Server operates with a lower processor priority than the FireWall-1 kernel module.
Check Point Software Firewall-1 4.0

• Check Point Software Service Packs
  
  http://www.checkpoint.com/techsupport/index.html

Check Point Software Firewall-1 4.1

• Check Point Software Service Packs
  
  http://www.checkpoint.com/techsupport/index.html

来源: BUGTRAQ
名称: 20000630 SecureXpert Advisory [SX-20000620-3]
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630162106.4619C-100000@fjord.fscinternet.com

来源: www.checkpoint.com
链接:http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security

来源: BID
名称: 1416
链接:http://www.securityfocus.com/bid/1416

来源: OSVDB
名称: 1438
链接:http://www.osvdb.org/1438