Buffer Overflow in Check Point VPN-1 and FireWall-1 Products
CVE-2004-0469

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Next Generation; Vpn-1; Ng-ai; Firewall-1
Vendor: CVE Published:; 7 July 2004

Summary

A buffer overflow exists in the ISAKMP functionality of Check Point's VPN-1 and FireWall-1 NG products that can be exploited during VPN tunnel negotiations. This weakness allows remote attackers to potentially execute arbitrary code on affected systems if they can send specially crafted packets. The vulnerability affects earlier versions, necessitating timely upgrades to versions R55 HFA-03, R54 HFA-410, or NG FP3 HFA-325, among others, to mitigate associated risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16060

vdb-entryx_refsource_XF

http://www.checkpoint.com/techsupport/alerts/ike_vpn.html

vendor-advisoryx_refsource_CHECKPOINT

http://www.securityfocus.com/bid/10273

vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 7, 2004
Vulnerability Reserved
May 12, 2004