Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Firewall)  >   FireWall-1/VPN-1 Vendors:   Check Point
Check Point FireWall-1/VPN-1 IPSec IKE Processing Lets Remote Users Deny Service
SecurityTracker Alert ID:  1015235
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 17 2005
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): NG AI, NGX
Description:   A vulnerability was reported in Check Point FireWall-1/VPN-1. A remote user can cause denial of service conditions.

The software does not properly validate Internet Key Exchange (IKE) packets. A remote user can establish an IKE negotiation and then cause the IKE daemon (vpnd) to crash. The crash may occur during the processing of IKE packet 5 in main mode or during the processing of IKE packet 3 in aggressive mode.

Check Point versions prior to NG with AI R54 are not affected. Versions 4.1, NG, NG FP1, NG FP2, and NG FP3 are not affected.

The University of Oulu Secure Programming Group (OUSPG) discovered these vulnerabilities.

Impact:   A remote user can cause the vpnd process to crash.
Solution:   The vendor has issued the following fixes:

* VPN-1/Firewall-1 NG with AI R54 HFA_417

* VPN-1/Firewall-1 NG with AI R55 HFA_16

* VPN-1/Firewall-1 NG with AI R55W HFA_04

* VPN-1/Firewall-1 NG with AI R55P HFA_06

* VPN-1 Pro NGX R60 HFA_01

The latest HFAs are available at:

VPN-1 Pro NGX R60A already includes the fix. An HFA for Check Point Express CI R57 will be released shortly. An HFA for Firewall-1 GX 3.0 will be released shortly.

The vendor's advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Exception handling error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC