Concern about Checkpoint and SSL Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Concern about Checkpoint and SSL Vulnerability
From: <seeker@xxxxxxx>
Date: Fri, 10 Oct 2003 14:56:25 -0700
Cc:
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Found the following in Checkpoint

libcpopenssl.so
>ASN.1 part of OpenSSL 0.9.6c 21 dec 2001
>asn1_lib.c

This is from Solaris. Friends have confirmed
similar in other *nix and M$. Nearly all
executables link to these libraries.

Nothing on Checkpoint website.

NISCC test suite is not publicly available.

Looking to (non-destructively) test my systems ASAP.

TIA for polite suggestions

- -seeker-
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj+HKvgACgkQ/MpaSuZzil3QhACfUag5PQK9vsZ7FB+6kHfNPyYHNggA
nRIq0ZJr9EYWJmV80yZGGPTI94HV
=SjBs
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Prev by Date: [SECURITY] [DSA 394-1] New openssl095 packages fix denial of service
Next by Date: RE: Bad news on RPC DCOM vulnerability
Previous by thread: [SECURITY] [DSA 394-1] New openssl095 packages fix denial of service
Next by thread: TRACKtheCLICK Script Injection Vulnerabilities
Index(es):
- Date
- Thread