Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Steffen_Appel
Advisor

Are the SMB devices vulnerable to DNSpooQ?

1100/1400/1500 are using DNSmasq in version 2.78, which is vulnerable to DNSpooQ: https://www.jsof-tech.com/disclosures/dnspooq/

 

Could anybody confirm this? And if yes, when will there be a fix?

32 Replies
Steffen_Appel
Advisor

OK thank you!

0 Kudos
Amir_Ayalon
Employee
Employee

added also support for 600/1100

In response to DNSpooQ (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

 

SMB 1500 devices can be vulnerable to DNSPooQ on internal (LAN, Wi-Fi) networks.

The issue is resolved in R80.20.20 Build 992001869

http://downloads.checkpoint.com/fileserver/ID/112434/FILE/fw1_vx_dep_R80_992001869_20.img

 

SMB 1200R devices can be vulnerable to DNSPooQ on internal (LAN, Wi-Fi) networks.

The issue is resolved in R77.20.87 Jumbo Hotfix build 990172611

http://downloads.checkpoint.com/fileserver/ID/112500/FILE/fw1_ind_dep_R77_990172611_20.img

 

SMB 700 and 1400 devices can be vulnerable to DNSPooQ on internal (LAN, Wi-Fi) networks.

The issue is resolved in R77.20.87 Jumbo Hotfix build 990173083

http://downloads.checkpoint.com/fileserver/ID/112528/FILE/fw1_sx_dep_R77_990173083_20.img

 

SMB 600/1100 devices can be vulnerable to DNSPooQ on internal (LAN, Wi-Fi) networks.

The issue is resolved in R77.20.80 Build 9920172507

http://downloads.checkpoint.com/fileserver/ID/112596/FILE/fw1_dep_R77_990172507_20.img

Steffen_Appel
Advisor

Which of the private fixes mentioned in the JHFA are in included in the 3083 build?

0 Kudos