---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: CheckPoint VPN-1 IP Address Collision Security Issue SECUNIA ADVISORY ID: SA29394 VERIFY ADVISORY: http://secunia.com/advisories/29394/ CRITICAL: Less critical IMPACT: Exposure of sensitive information, DoS WHERE: >From local network SOFTWARE: Check Point VPN-1/FireWall-1 NG with Application Intelligence (AI) http://secunia.com/product/2542/ Check Point VPN-1 UTM NGX http://secunia.com/product/13346/ Check Point VPN-1 Power NGX http://secunia.com/product/13348/ DESCRIPTION: Robert Mitchell has reported a security issue in CheckPoint VPN-1, which can lead to a DoS (Denial of Service) or disclosure of sensitive information. The security issue is caused due to an error in the handling IP address collisions and can lead to a DoS or disclosure of sensitive information. The problem occurs when a remote access client has an IP address, which is also defined in the encryption domain of a gateway that has a site-to-site VPN tunnel to the gateway the client connects to. SOLUTION: The vendor has issued hotfixes to resolve the issue (see vendor advisory for details). PROVIDED AND/OR DISCOVERED BY: Robert Mitchell ORIGINAL ADVISORY: CheckPoint: https://secureknowledge.checkpoint.com/SecureKnowledge/login.do?OriginalAction=solution&id=sk34579 http://updates.checkpoint.com/fileserver/ID/8141/FILE/VPN-1_NGX_R65_HFA02_Supplement3.pdf Robert Mitchell: http://puresecurity.com.au/index.php?action=fullnews&id=5 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------