Information Disclosure Vulnerability in Check Point Firewall-1 by Check Point
CVE-2004-2679

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
31 December 2004

Summary

Check Point Firewall-1 versions 4.1 up to NG AI R55 are subject to an information disclosure vulnerability. This issue arises when remote attackers exploit the Internet Key Exchange (IKE) protocol by sending a crafted Vendor ID payload, which may cause the firewall to leak sensitive details. The response from Firewall-1 may inadvertently reveal its version and other configuration details, potentially aiding attackers in executing further attacks.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.