Check Point dismisses firewall vulnerabilities

Check Point has dismissed claims of flaws in its firewalls.

Research from penetration testers ProCheckUp found a number of vulnerabilities in the market leading Check Point firewall device which it claimed could be used to carry out attacks on end-users.

ProCheckUp said that it created a proof of concept which demonstrated that when combining vulnerabilities, they can could completely subvert the protective nature of the firewall so that the firewall could be used to carry out attacks on any internal network or wireless end-users.

“Although cross-site scripting, cross-site request forgery, offsite redirection and information disclosure vulnerabilities are well exercised, it should be stressed that these have been found on a security appliance which may affect a large number of organisations, as these devices are commonly used.”

It advised Check Point customers to upgrade to firmware version 8.2.44.

In response, Check Point said that it released firmware version 8.2.45 in October 2011 to fix the vulnerabilities.

To exploit the unpatched flaws, an attacker would have to trick the firewall administrator to visit a malicious site while they are logged into the firewall WebUI, it said.

“Check Point thanks technical director Richard Brain and ProCheckUp for the responsible disclosure of these issues."

Brain said in response that XSRF attacks were more viable due to a session management issue that meant sessions remained active for hours if firewall admins did not log off.

“The core point of the local access issue; is that normally with appliances you have to perform a factory reset to defaults if you lose the password. With the exploit you can access the admin password without needing a factory reset. Finally no security related device should be vulnerable to XSS flaws in 2012.”

This article originally appeared at scmagazineuk.com