Heap-Based Buffer Overflow in Check Point VPN-1 Products
CVE-2004-0699

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
28 September 2004

Summary

The vulnerability in Check Point's VPN-1 product relates to a heap-based buffer overflow in its ASN.1 decoding library. This issue arises specifically when Aggressive Mode IKE is employed, allowing remote attackers to potentially execute arbitrary code. By initiating an IKE negotiation and transmitting a specially crafted IKE packet containing malformed ASN.1 data, an attacker can exploit this vulnerability, leading to unauthorized access and control over the affected system.

References

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.