| Platform: | Red Hat Linux 7.3, maybe others too |
| Product: | Check Point Next Generation FP3, FP3 HF1 |
| Problem: |
Since Feature Pack 3 it's possible to configure (by GUI) the Management Server to accept syslog messages
(Check Point > Logs and Masters > Additional Logging > Accept Syslog messages, activate it and restart the machine). By sending very many characters, the syslogd will first utilize much CPU time, then crash. Additionally, elder versions don't filter Escape sequences but execute them, when the log is shown at the console. AERAsec has published an advisory with full details about this issue. |
| Workaround/Fix: |
Check Point has published an alert
about this topic. The first part is fixed in Hotfix 2 for FP3, the second is fixed in NG AI. |
No warranty at all, your Feedback is welcome!
© 200^2-2011 AERAsec Network Services and Security GmbH, last change 2003-11-26
back to http://www.vpn-1.de/aerasec/