Multiple Vulnerabilities in Checkpoint Firewall-1 NG AI and HTTP Security Server

Reported February 4, 2004 by ISS.

 

 

VERSIONS AFFECTED

 

  • Checkpoint Firewall-1 NG-AI R55 and R54, including SSL hotfix

  • Checkpoint Firewall-1 HTTP Security Server, included with NG FP1, FP2, and FP3

 

DESCRIPTION

 

Checkpoint Firewall-1 NG AI and HTTP Security Server contain multiple remotely exploitable format-string vulnerabilities that can result in the compromise of the vulnerable firewall.

 

VENDOR RESPONSE

 

Checkpoint has issued an update about these vulnerabilities and recommends that affected users immediately apply the available patch.

 

CREDIT

 

Discovered by Mark Dowd.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish