SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Check Point Endpoint Security Server Vendors:   Check Point
Check Point Endpoint Security Flaw in SNX Service Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1025207
SecurityTracker URL:  http://securitytracker.com/id/1025207
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 14 2011
Impact:   Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): R73
Description:   A vulnerability was reported in Check Point Endpoint Security. A local user can obtain elevated privileges on the target system.

A local user can exploit a flaw in the SNX service to gain Local System privileges.

The Check Point SSL Network Extender, Endpoint Security Client, Endpoint Connect, and Endpoint Security VPN products are affected.

The following product versions are not affected:
* EPS R80
* EPS R73 HFA01
* EPC R73 HFA01
* EPS R75 VPN
* SNX R75
* SNX R71.30

All other versions of SNX, EPS and EPC are affected.

Thierry Zoller and Nagib Guettiche of Verizon Business (www.verizonbusiness.com) reported this vulnerability.

Impact:   A local user can obtain Local System privileges on the target system.
Solution:   The vendor has issued a fix (SNX Security HotFix), available at:

http://updates.checkpoint.com/fileserver/ID/11879/FILE/SNX_SHF_sk60510.zip

The vendor's advisory is available at:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60510

Vendor URL:  supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60510 (Links to External Site)
Cause:   Not specified
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Checkpoint VPN - Priviledge Escalation

It  appears  this  bug  has  gone  unoticed to vulnerability databases
maintainers, very likely due to the lack  of disclosure/publication.
This usually means it's also not in compliance/patching systems and
exposes  customers  to unecessary risk. To counteract I'd like to drop
this note.

Checkpoint SNX Escalation of Privileges Vulnerability
======================================================
Product:SSL Network Extender, Endpoint Security Client, Endpoint Connect, Endpoint Security VPN
Version:R73
URL : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60510

The following product versions are not vulnerable:
* EPS R80
* EPS R73 HFA01
* EPC R73 HFA01
* EPS R75 VPN
* SNX R75
* SNX R71.30

All other versions of SNX, EPS and EPC are vulnerable.

Credits
--------
Check Point thanks Thierry Zoller and Nagib Guettiche of Verizon Business (www.verizonbusiness.com) for bringing this issue to our attention in a forthright and professional manner.


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC