Guest Access
Sign In

Live Chat
Start Chat Now

Service Requests

Contact Us

STAY UP TO DATE
Get weekly email notifications on support related updates.
 Support Center > Search Results > SecureKnowledge Details
Support Center
The information you are about to copy is INTERNAL! DO NOT share it with anyone outside Check Point.
 Print    Email
Check Point response to Media Encryption EPM Explorer lockout bypass (CVE-2013-5635 and CVE-2013-5636)
Solution ID: sk96589
Severity: Medium
Product: Media Encryption
Version: All
OS: Windows
Platform / Model: Intel/PC
Date Created: 14-Nov-2013
Last Modified: 13-Feb-2014
Rate this document
[1=Worst,5=Best]
Symptoms
  • Media Encryption EPM Explorer is a standalone application that provides access to encrypted media on machines without the Media Encryption product.

  • It is possible to bypass the password failure limit of the Media Encryption EPM Explorer application to perform brute force attacks (CVE-2013-5635 and CVE-2013-5636).

  • All versions of Media Encryption EPM Explorer are affected.
Solution

Check Point offers an improved client for this issue.

  1. Download the package with improved clients:

    Version Link
    Endpoint Security E80.41 Media Encryption & Port Protection Hotfix (ZIP)
    Endpoint Security E80.50 Media Encryption & Port Protection Hotfix (ZIP)

    Note: All other blades are not changed.

  2. Unpack the ZIP package with improved clients.

  3. Upload the improved client(s) to the Endpoint Security Management Server:

    1. Connect with SmartEndpoint GUI to the Endpoint Security Management Server.

    2. Go to the 'Deployment' tab - expand the 'Advanced Package Settings' - go to the 'Packages Repository'.

    3. Click one of these buttons:

      • 'Upload new version MSI...' - to upload a single MSI file.

      • 'Upload new version folder...' - to upload a folder containing multiple MIS packages.


  4. Deploy the improved client(s):

    1. Go to the 'Deployment' tab - go to the 'Software Deployment Rules'.

    2. Either create a new rule, or change the existing rule - 'Client Version'.

    3. Save the changes.

    4. Click on 'Install'.

    5. Select the Rules to install and then click on 'Install'.

 

Credits

Check Point is grateful to Pedro Andujar of http://www.digitalsec.net for responsible disclosure of this issue.


Applies To:
  • 01214993 , 01215008 , 01265865 , 01265884 , 01322306 , 01341507 , 01345297
Give us Feedback
Rate this document
[1=Worst,5=Best]
Additional comments...(Max 2000 characters allowed)
Characters left: 2000