Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
D521815
Participant

Missing IPS protection?

We ran a health check (HCP), and it shows the following:

Protections Impact
IPS | Dynamic_Losant Arduino MQTT Client Buffer Overflow (CVE-2018-17614) | M^AGI$C3A | 6.02% |

We would like to inactivate this protection, but it is impossible to find using SmartConsole or GuiDBedit.
Any suggestions?

13 Replies
the_rock
Legend
Legend

Let me search it in the lab and report back.

Andy

the_rock
Legend
Legend

Just checked in both R81.20 and R82 and cant find that CVE anywhere, either in IPS or inspection settings. I see some protections for buffer overflow, but nothing with exact same name.

Andy

PhoneBoy
Admin
Admin

I don't find the protection on my end, either.
Suggest a TAC case: https://help.checkpoint.com 

Tal_Paz-Fridman
Employee
Employee

Can you add a screenshot of the output including the test name?

Thanks!

D521815
Participant

Here comes a screenshot.

Tal_Paz-Fridman
Employee
Employee

This is a protection that was available in the past. I'm checking if it has been removed and if we need to update HCP tests.

D521815
Participant

We have ran Pattern Matcher statistics according to sk43733, and it shows the same result.

Tal_Paz-Fridman
Employee
Employee

I sent the question to relevant owners in R&D.

It exists on the machine in various locations but perhaps it is not active.

Waiting for the reply from owners.

 

 

 

 

Lesley
Mentor Mentor
Mentor

Is it not this but then the other way around? That it got removed instead of added. 

https://support.checkpoint.com/results/sk/sk171752

-------
If you like this post please give a thumbs up(kudo)! 🙂
D521815
Participant

Have you heard anything from R&D yet?

Tal_Paz-Fridman
Employee
Employee

They are currently looking at the issue.

Will update once I know more.

Lesley
Mentor Mentor
Mentor

basic check to make sure IPS is ok. 

You have valid license (cplic print)?

IPS updated? (ips stat)

Version supported (cpinfo -y all)

-------
If you like this post please give a thumbs up(kudo)! 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events