Signature Detail
Short Name |
IKE:FW1-OVERFLOW |
|---|---|
Severity |
Critical |
Recommended |
No |
Category |
IKE |
Release Date |
2004/02/10 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IKE: CheckPoint VPN-1/SecureClient ISAKMP Overflow
This signature detects attempts to exploit a known vulnerability against CheckPoint's VPN-1 product. Attackers can cause a denial of service or execute arbitrary code with root access.
Extended Description
A problem has been identified in the handling of large Certificate Request payload exchanges in Check Point VPN-1, SecuRemote, and SecureClient. Because of this, it is possible for a remote attacker to gain unauthorized access to vulnerable systems.
Affected Products
- Check Point Software Firewall-1 4.1.0
- Check Point Software Firewall-1 4.1.0 SP1
- Check Point Software Firewall-1 4.1.0 SP2
- Check Point Software Firewall-1 4.1.0 SP3
- Check Point Software Firewall-1 4.1.0 SP4
- Check Point Software Firewall-1 4.1.0 SP5
- Check Point Software Firewall-1 4.1.0 SP5a
- Check Point Software FireWall-1 Next Generation FP0
- Check Point Software FireWall-1 Next Generation FP1
- Check Point Software SecureClient 4.0.0
- Check Point Software SecureClient 4.1.0
- Check Point Software SecuRemote 4.0.0
- Check Point Software SecuRemote 4.1.0
- Check Point Software VPN-1 4.1.0
- Check Point Software VPN-1 4.1.0 SP1
- Check Point Software VPN-1 4.1.0 SP2
- Check Point Software VPN-1 4.1.0 SP3
- Check Point Software VPN-1 4.1.0 SP4
- Check Point Software VPN-1 4.1.0 SP5
- Check Point Software VPN-1 4.1.0 SP5a
- Check Point Software VPN-1 Next Generation FP0
- Check Point Software VPN-1 Next Generation FP1
References