Information Disclosure Vulnerability in Check Point Firewall-1 by Check Point
CVE-2004-2679

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Firewall-1
Vendor: CVE Published:; 31 December 2004

Summary

Check Point Firewall-1 versions 4.1 up to NG AI R55 are subject to an information disclosure vulnerability. This issue arises when remote attackers exploit the Internet Key Exchange (IKE) protocol by sending a crafted Vendor ID payload, which may cause the firewall to leak sensitive details. The response from Firewall-1 may inadvertently reveal its version and other configuration details, potentially aiding attackers in executing further attacks.

References

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/16434

vdb-entryx_refsource_XF

http://www.nta-monitor.com/news/checkpoint2004/index.htm

x_refsource_MISC

Timeline

Vulnerability Reserved
Feb 26, 2007
Vulnerability published
Dec 31, 2004