Buffer Overflow Vulnerability in Check Point Firewall-1 PKI Web Service
CVE-2009-1227

Currently unrated

Key Information:

Vendor

Checkpoint
Status
Firewall-1 Pki Web Service
Vendor
CVE Published:
2 April 2009

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 16%

What is CVE-2009-1227?

A buffer overflow vulnerability exists in the PKI Web Service of Check Point Firewall-1, allowing remote attackers to potentially cause a denial of service or execute arbitrary code. This vulnerability arises from a long Authorization or Referer HTTP header directed at TCP port 18624. While Check Point has disputed the existence of this vulnerability, stating that thorough analysis has proven their systems are secure, concerns remain regarding the reliability of the original research and the inability to reproduce the attack under controlled conditions.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2009-1227 - Proof of Concept

References

http://www.securityfocus.com/archive/1/502256/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/8313
exploitx_refsource_EXPLOIT-DB
http://archives.neohapsis.com/archives/fulldisclosure/200...
mailing-listx_refsource_FULLDISC

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.