North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: ISS X-Force Security Advisories on Checkpoint Firewall-1 andVPN-1

  • From: Chris Brenton
  • Date: Fri Feb 06 13:23:58 2004

On Fri, 2004-02-06 at 09:43, McBurnett, Jim wrote:
> If I was a real hacker, and I found the problem, might I also know the fix?
> And if I was really nice, would I give that fix to the vendor?
> Or could it be that a former Checkpoint employee is now an ISS employee?
> Or .....?

In my experience, CP does not exactly have the best track record for
fixing problems. When I've informed them of vulnerabilities in the past
I've heard everything from "Well you would not have that problem if you
used the product the way it was intended" (remote overflow), to "we'll
fix that problem in the service release coming out 3 months from now
(DoS script kiddies were using against multiple sites, tool in the

Some vendors are slow no matter what you do. :(