Information Disclosure Vulnerability in Check Point Firewall-1 by Check Point
CVE-2004-2679
Currently unrated
Summary
Check Point Firewall-1 versions 4.1 up to NG AI R55 are subject to an information disclosure vulnerability. This issue arises when remote attackers exploit the Internet Key Exchange (IKE) protocol by sending a crafted Vendor ID payload, which may cause the firewall to leak sensitive details. The response from Firewall-1 may inadvertently reveal its version and other configuration details, potentially aiding attackers in executing further attacks.
References
Timeline
Vulnerability Reserved
Vulnerability published