Reported May 04, 2004, by Check Point

VERSIONS AFFECTED

  • Check Point Software Technologies VPN-1 products, Release 55 (R55) and earlier

DESCRIPTION
A buffer-overrun vulnerability in Check Point VPN products could let a potential attacker compromise a Check Point VPN-1 gateway. An Internet Security Association and Key Management Protocol (ISAKMP) vulnerability has been discovered that affects Check Point VPN-1 products during negotiations of a VPN tunnel. Check Point customers who don't use remote access VPNs or gateway-to-gateway VPNs or who've upgraded to current product versions (i.e., VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410, and NG FP3 HFA-325; and VPN-1 SecuRemote/SecureClient R56) aren't affected by this vulnerability.

VENDOR RESPONSE
Check Point has released the bulletin "ISAKMP Vulnerability" to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Check Point.