Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0040

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0040
Last Modified 10 Sep 2008 03:24:55
Published 03 Mar 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0040

Summary

Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.

Vulnerable Systems

Application

  • Checkpoint Firewall-1 4.1

  • Checkpoint Firewall-1 Next Generation Fp0

  • Checkpoint Firewall-1 Next Generation Fp1

  • Checkpoint Vpn-1 4.1

  • Checkpoint Vpn-1 Next Generation Fp0

  • Checkpoint Vpn-1 Next Generation Fp1


References

CERT-VN - VU#873334

BID - 9582

XF - vpn1-ike-bo(14150)

BUGTRAQ - 20040205 Two checkpoint fw-1/vpn-1 vulns

ISS - 20040204 Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow

OSVDB - 4432

OSVDB - 3821

CIAC - O-073


Last Updated: 27 May 2016 10:38:26