Posted: 04 February 2004 A vulnerability in the FireWall-1 HTTP Security Servers exists that may cause it to crash in certain circumstances, which is very difficult to manipulate but might allow further exploitation. This issue only exists when using HTTP Security Servers. In order to protect FireWall-1 against this vulnerability, Check Point recommends that customers apply a simple change to a configuration file on the enforcement modules that will solve the problem. Affected Releases:
If the HTTP Security Servers are not in use on the module, there is no need to install the update. The update is applicable on the following releases:
This update is available to all customers from the links below. This same update is applied to all platforms and releases of Next Generation and Next Generation with Application Intelligence.
Simple Installation Instructions:
For additional detailed instructions to manually edit the cpsc.conf file, click here. |