Vulnerabilities > CVE-2004-0040 - Buffer Overflow vulnerability in Check Point VPN-1/SecuRemote ISAKMP Large Certificate Request Payload
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |
References
- http://marc.info/?l=bugtraq&m=107604682227031&w=2
- http://www.ciac.org/ciac/bulletins/o-073.shtml
- http://www.kb.cert.org/vuls/id/873334
- http://www.osvdb.org/3821
- http://www.osvdb.org/4432
- http://www.securityfocus.com/bid/9582
- http://xforce.iss.net/xforce/alerts/id/163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14150