Internet Security System has claimed that one its competitors' firewalls had some security flaws. ISS issued a warning of critical vulnerabilities in Check Point Software Technologies' Check Point Firewall-1 and Check Point VPN-1 Server and SecuRemote and SecureClient VPN (virtual private network) clients.

The first vulnerability is related to a flaw in the HTTP Security Server application proxy that ships with all versions of Firewall-1 that can allow remote attackers to modify or tamper with the firewall rules and configuration, allowing them to compromise the security of the network, ISS said.

A second flaw within the ISKMAP processing for VPN-1 Server, SecuRemote and SecureClient can allow a remote attacker to compromise the security of any VPN-1 server or client running SecuRemote and SecureClient, it said.

Check Point no longer supports the versions of VPN-1 and SecureRemote/SecureClient affected by this vulnerability, ISS said. Check Point recommends that affected users upgrade to Firewall-1 NG FP1 or greater, it said.

Check Point could not immediately be reached for comment.