CheckPoint.VPN-1.SecureClient.ISAKMP.Overflow

description-logoDescription

Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 have a stack based buffer overflow vulnerability. A remote attacker could execute arbitrary code on the system via an ISAKMP packet with a large Certificate Request.

affected-products-logoAffected Products

Check Point SecuRemote/SecureClient 4.1 Bld 4200 & prior
Check Point VPN-1 Server 4.1 SP5a & prior
Check Point VPN-1 Server NG FP0
Check Point VPN-1 Server NG FP1

Impact logoImpact

System compromise.

recomended-action-logoRecommended Actions

Currently we are not aware of any official supplied fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)