Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0699

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0699
Last Modified 05 Sep 2008 04:39:08
Published 28 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0699

Summary

Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.

Vulnerable Systems

Application

  • Checkpoint Firewall-1 4.1

  • Checkpoint Vpn-1


References

CERT-VN - VU#435358

XF - vpn1-asn1-decoding-bo(16824)

ISS - 20040728 Check Point VPN-1 ASN.1 Decoding Remote Compromise

CONFIRM - http://www.checkpoint.com/techsupport/alerts/asn1.html

CIAC - O-190

SECUNIA - 12177

BID - 10820

OSVDB - 8290

SECTRACK - 1010799


Last Updated: 27 May 2016 10:38:43