Denial of Service Vulnerability in Check Point IKEv1 Implementation
CVE-2005-3673

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Check Point; Vpn-1 Firewall-1 Next Generation; Firewall-1; Vpn-1
Vendor: CVE Published:; 18 November 2005

Summary

The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products is susceptible to expertly crafted IKE packets that can lead to a denial of service. This issue, illustrated by the PROTOS ISAKMP Test Suite, arises from improper handling of specific IKE packet formats. As a result, remote attackers could exploit this vulnerability to disrupt legitimate services, severely impacting network security and availability.

References

http://secunia.com/advisories/17621

third-party-advisoryx_refsource_SECUNIA

http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?...

x_refsource_MISC

http://jvn.jp/niscc/NISCC-273756/index.html

x_refsource_MISC

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 18, 2005
Vulnerability Reserved
Nov 18, 2005