Vulnerabilities > CVE-2004-0699 - Buffer Overflow vulnerability in Check Point VPN-1 ASN.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Firewalls |
| NASL id | CHECKPOINT_FORMAT.NASL |
| description | The remote Check Point Firewall web server crashes when sent a specially formatted HTTP request. A remote attacker could use this to crash the web server, or possibly execute arbitrary code. This bug is a solid indicator that the server is vulnerable to several other Check Point FW-1 4.x bugs that Nessus did not check for. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 12084 |
| published | 2004-03-02 |
| reporter | This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/12084 |
| title | Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS) |
References
- http://secunia.com/advisories/12177/
- http://securitytracker.com/alerts/2004/Jul/1010799.html
- http://www.checkpoint.com/techsupport/alerts/asn1.html
- http://www.ciac.org/ciac/bulletins/o-190.shtml
- http://www.kb.cert.org/vuls/id/435358
- http://www.osvdb.org/displayvuln.php?osvdb_id=8290
- http://www.securityfocus.com/bid/10820
- http://xforce.iss.net/xforce/alerts/id/178
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16824