Bugtraq: Re: CheckPoint Secure Platform Multiple Buffer Overflows

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: CheckPoint Secure Platform Multiple Buffer Overflows

From: hvazquez () pentest es
Date: 2 Oct 2007 05:17:29 -0000

Please notice that when having admin access probably there are many other trivial ways to completely compromise a 
Secure Platform -get the "Expert" rights- but the paper interest is not this. What it is interesting is the high number 
of buffer overflows found in the CheckPoint applications and the fact that some times they can be exploited even if the 
platform is hardened via standard DAC policies + kernel patches, etc.
MAC policies or MLS System probably would have contained the attack.

-----------------------

Hugo Vázquez Caramés

"There are only 10 types of people in the world: Those who 
understand binary, and those who don't"

==================================================
PENTEST Consultores
Tel: 93 3962070 / Fax: 93 3962001
e-mail:  hvazquez () pentest es
==================================================
Gane credibilidad y confianza, visite http://www.pentest.es

By Date By Thread

Current thread:

CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 01)
- RE: CheckPoint Secure Platform Multiple Buffer Overflows Tony Reusser (Oct 03)
  - RE: CheckPoint Secure Platform Multiple Buffer Overflows Hugo van der Kooij (Oct 03)
- <Possible follow-ups>
- Re: CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 02)
- Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows fwadmin (Oct 11)
- Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows hvazquez (Oct 17)