Skip navigation
Menu
Security

Buffer Overrun Vulnerability in Checkpoint VPN-1

Reported May 04, 2004, by Check Point

VERSIONS AFFECTED

  • Check Point Software Technologies VPN-1 products, Release 55 (R55) and earlier

DESCRIPTION
A buffer-overrun vulnerability in Check Point VPN products could let a potential attacker compromise a Check Point VPN-1 gateway. An Internet Security Association and Key Management Protocol (ISAKMP) vulnerability has been discovered that affects Check Point VPN-1 products during negotiations of a VPN tunnel. Check Point customers who don't use remote access VPNs or gateway-to-gateway VPNs or who've upgraded to current product versions (i.e., VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410, and NG FP3 HFA-325; and VPN-1 SecuRemote/SecureClient R56) aren't affected by this vulnerability.

VENDOR RESPONSE
Check Point has released the bulletin "ISAKMP Vulnerability" to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Check Point.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024