Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
IKE:FW1-OVERFLOW |
|---|---|
Severity |
Critical |
Recommended |
No |
Category |
IKE |
Release Date |
2004/02/10 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
IKE: CheckPoint VPN-1/SecureClient ISAKMP Overflow
This signature detects attempts to exploit a known vulnerability against CheckPoint's VPN-1 product. Attackers can cause a denial of service or execute arbitrary code with root access.
Extended Description
A problem has been identified in the handling of large Certificate Request payload exchanges in Check Point VPN-1, SecuRemote, and SecureClient. Because of this, it is possible for a remote attacker to gain unauthorized access to vulnerable systems.
Affected Products
- Check_point_software firewall-1 4.1.0
- Check_point_software firewall-1 4.1.0 SP1
- Check_point_software firewall-1 4.1.0 SP2
- Check_point_software firewall-1 4.1.0 SP3
- Check_point_software firewall-1 4.1.0 SP4
- Check_point_software firewall-1 4.1.0 SP5
- Check_point_software firewall-1 4.1.0 SP5a
- Check_point_software firewall-1_next_generation FP0
- Check_point_software firewall-1_next_generation FP1
- Check_point_software secureclient 4.0.0
- Check_point_software secureclient 4.1.0
- Check_point_software securemote 4.0.0
- Check_point_software securemote 4.1.0
- Check_point_software vpn-1 4.1.0
- Check_point_software vpn-1 4.1.0 SP1
- Check_point_software vpn-1 4.1.0 SP2
- Check_point_software vpn-1 4.1.0 SP3
- Check_point_software vpn-1 4.1.0 SP4
- Check_point_software vpn-1 4.1.0 SP5
- Check_point_software vpn-1 4.1.0 SP5a
- Check_point_software vpn-1_next_generation FP0
- Check_point_software vpn-1_next_generation FP1
References