SNX can accept files containing connection commands. If such a file contains an invalid command, SNX prints the line with the unrecognized command. Because SNX runs as root, an attacker can supply any file on the system and get one line of its content. If the file contains sensitive information, the attacker can get part of it.
Install this hotfix package on your Security Gateway to upgrade the SNX to a non-vulnerable version:
| Security Gateway Version | Hotfix Name | CPUSE Identifier for Online Package | CPUSE Offline Package |
|---|---|---|---|
| R80.10 | R80_10_SNX_update_750 | Check_Point_R80_10_SNX_UPDATE_750_Bundle_T3_FULL.tgz | TGZ |
| R80.20 | R80_20_SNX_update_584_main | Check_Point_R80_20_SNX_UPDATE_584_MAIN_Bundle_T4_FULL.tgz | TGZ |
| R80.20SP | R80_20SP_JHF_T310_SNX_MAIN_Bundle_T4 | Check_Point_R80_20SP_JHF_T310_SNX_MAIN_Bundle_T4_FULL.tgz | TGZ |
| R80.30 | R80_30_SNX_update_382_main | Check_Point_R80_30_SNX_UPDATE_382_MAIN_Bundle_T6_FULL.tgz | TGZ |
| R80.30SP | R80_30SP_JHF_T75_SNX_MAIN_Bundle_T2 | Check_Point_R80_30SP_JHF_T75_SNX_MAIN_Bundle_T2_FULL.tgz | TGZ |
| R80.40 | R80_40_SNX_update_568_main | Check_Point_R80_40_SNX_UPDATE_568_MAIN_Bundle_T3_FULL.tgz | TGZ |
| R81 | R81_SNX_update_111_main | Check_Point_R81_SNX_UPDATE_111_MAIN_Bundle_T1_FULL.tgz | TGZ |
Information for Quantum Spark Appliances:
The fix is available for 15xx models.
To upgrade the SNX Client, do one of these:
Note - The fix for 700 / 1100 / 1200R / 1400 models is planned.