Reported May 04, 2004, by Check Point
A buffer-overrun vulnerability in Check Point VPN products could let a potential attacker compromise a Check Point VPN-1 gateway. An Internet Security Association and Key Management Protocol (ISAKMP) vulnerability has been discovered that affects Check Point VPN-1 products during negotiations of a VPN tunnel. Check Point customers who don't use remote access VPNs or gateway-to-gateway VPNs or who've upgraded to current product versions (i.e., VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410, and NG FP3 HFA-325; and VPN-1 SecuRemote/SecureClient R56) aren't affected by this vulnerability.
Check Point has released the bulletin "ISAKMP Vulnerability" to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
Discovered by Check Point.