Denial of Service Vulnerability in Check Point VPN-1 Power/UTM
CVE-2008-1397

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Vpn-1 Power Utm With Ngx; Check Point Vpn-1 Pro; Vpn-1; Vpn-1 Power Utm
Vendor: CVE Published:; 20 March 2008

Summary

The Check Point VPN-1 Power/UTM, running on NGX R60 to R65 and NG AI R55, is susceptible to a denial of service condition. Remote authenticated users can exploit this vulnerability by setting the local RFC1918 IP address identical to that of one of the endpoint RFC1918 IP addresses of an active site-to-site VPN tunnel. Once this configuration is in place, the attacker can utilize SecuRemote to connect to a network interface on the receiving endpoint, resulting in a disruption of the VPN tunnel and potential interception of network traffic. Proper configuration and regular updates are essential to mitigate this risk.

References

http://puresecurity.com.au/index.php?action=fullnews&id=5

x_refsource_MISC

http://www.securityfocus.com/bid/28299

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/992585

third-party-advisoryx_refsource_CERT-VN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 20, 2008
Vulnerability Reserved
Mar 19, 2008