Vulnerabilities > CVE-2004-0699 - Unspecified vulnerability in Checkpoint Firewall-1 and Vpn-1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

checkpoint

nessus

NVD

Published: 2004-09-28

Updated: 2024-11-20

Summary

Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.

Vulnerable Configurations

Part	Description	Count
Application	Checkpoint Checkpoint Firewall 1 4.1 Checkpoint VPN 1 *	2

Nessus

NASL family	Firewalls
NASL id	CHECKPOINT_FORMAT.NASL
description	The remote Check Point Firewall web server crashes when sent a specially formatted HTTP request. A remote attacker could use this to crash the web server, or possibly execute arbitrary code. This bug is a solid indicator that the server is vulnerable to several other Check Point FW-1 4.x bugs that Nessus did not check for.
last seen	2020-06-01
modified	2020-06-02
plugin id	12084
published	2004-03-02
reporter	This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/12084
title	Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS)

Summary

Vulnerable Configurations

Nessus

References