CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 10 of 10

Thread: Check Point Gaia OS Privilege Escalation

  1. #1
    Join Date
    2012-08-16
    Posts
    182
    Rep Power
    7

  2. #2
    Join Date
    2007-10-31
    Location
    Great Plains - USA
    Posts
    158
    Rep Power
    12

    Default Re: Check Point Gaia OS Privilege Escalation

    Thank you for posting that information.

  3. #3
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,637
    Rep Power
    9

    Default Re: Check Point Gaia OS Privilege Escalation

    Quote Originally Posted by dbrown3611 View Post
    Thank you for posting that information.
    I wonder what else is missing from here

  4. #4
    Join Date
    2012-08-16
    Posts
    182
    Rep Power
    7

    Default Re: Check Point Gaia OS Privilege Escalation

    Quote Originally Posted by jflemingeds View Post
    I wonder what else is missing from here
    Yeah, I only found it while browsing the Tenable site for an unrelated issue.

  5. #5
    Join Date
    2006-09-26
    Posts
    3,171
    Rep Power
    16

    Default Re: Check Point Gaia OS Privilege Escalation

    Quote Originally Posted by aweldon View Post
    Yeah, I only found it while browsing the Tenable site for an unrelated issue.
    It is such a typical checkpoint response. No wonder why people are leaving checkpoint for greener pasture. see below:


    Disclosure Timeline
    11/16/2017 - Issue discovered.
    11/17/2017 - Tenable emails a description of vulnerability to Check Point.
    11/20/2017 - Check Point acknowledges the vulnerability and claims their own internal audit already flagged this. Planned patch release for Q1-2018.
    11/27/2017 - Tenable asks if a CVE has been assigned. Offers to assign one if not. Also informs Check Point of 90 day disclosure policy.
    11/28/2017 - Check Point ignores Tenable's CVE/disclosure information and reiterates that they found the vulnerability already. Offers researcher a "cool Cyber Ninja T-shirt".
    02/20/2018 - Tenable emails Check Point that the 90 days have passed and no patch is available.
    02/20/2018 - Check Point claims Tenable is "ignoring [their] feedback that we already found this issue internally before you reported it."
    02/20/2018 - Tenable informs Check Point that independent discovery is a thing and we do plan to release an advisory with or without patches.
    02/21/2018 - Check Point tells Tenable that they will share patch dates shortly.
    02/26/2018 - Check Point says patches were released 02-15-2018 and 02-26-2018.
    02/26/2018 - Tenable informs Check Point that they will be publishing an advisory since patches have been released.
    02/26/2018 - Check Point asks Tenable not to publish an advisory today. -- I guess when Checkpoint realized that it will be shaming then it reached out to Tenable :-(
    02/27/2018 - Check Point releases an advisory

  6. #6
    Join Date
    2006-04-27
    Location
    Twillight zone
    Posts
    1,006
    Rep Power
    14

    Default Re: Check Point Gaia OS Privilege Escalation

    Cool cyber ninja t-shirt

  7. #7
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,637
    Rep Power
    9

    Default Re: Check Point Gaia OS Privilege Escalation

    Quote Originally Posted by aweldon View Post
    Yeah, I only found it while browsing the Tenable site for an unrelated issue.
    Click image for larger version. 

Name:	facepalm.png 
Views:	37 
Size:	4.2 KB 
ID:	1377

  8. #8
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,637
    Rep Power
    9

    Default Re: Check Point Gaia OS Privilege Escalation

    I guess to be fair Checkpoint did say fix in q1 which technically isnít over.

  9. #9
    Join Date
    2006-09-26
    Posts
    3,171
    Rep Power
    16

    Default Re: Check Point Gaia OS Privilege Escalation

    Quote Originally Posted by jflemingeds View Post
    I guess to be fair Checkpoint did say fix in q1 which technically isnít over.
    This is NOT true.

    Take 309 for R77.30 is not GA which I don't think anyone with common sense would want to run this in a production environment so it does not count

    No fix available for R80.10 yet.

    Check Point releases an advisory is not the same as releasing a fix.

    Go figure.

  10. #10
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,637
    Rep Power
    9

    Default Re: Check Point Gaia OS Privilege Escalation

    Ok youíre right. Sorry I forgot q1 ended feb 28. My bad.

Similar Threads

  1. Replies: 3
    Last Post: 2016-06-10, 14:12
  2. Checkpoint gaia R75.46 hard disk health check
    By maldini.vivek in forum R75.40 (GAiA)
    Replies: 3
    Last Post: 2015-08-16, 10:42
  3. Replies: 3
    Last Post: 2012-05-17, 20:48
  4. SNX Escalation of Privileges Vulnerability
    By Thorpuse in forum SNX - SSL Network Extender
    Replies: 2
    Last Post: 2011-01-24, 02:46

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •