Vigil@nce - Check Point Security Gateway: Anti-Spoofing not enforced
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can in some cases traverse Check Point Security
Gateway, with an IP address belonging to a forbidden network.
Impacted products: CheckPoint Security Gateway
Severity: 2/4
Creation date: 14/01/2014
DESCRIPTION OF THE VULNERABILITY
The Anti-Spoofing feature forbids an IP address belonging to one
network to enter on another interface.
However, on Security Gateway version R75.47, the Anti-Spoofing is
disrupted by the following operations:
– change in the routing table
– "Get - Interfaces with Topology" operation
An attacker can therefore in some cases traverse Check Point
Security Gateway, with an IP address belonging to a forbidden
network.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Check-Point-Security-Gateway-Anti-Spoofing-not-enforced-14078