CVE-2004-0040 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Checkpoint Firewall-1

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

25.9%

top 3.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Firewall-1 Checkpoint Vpn-1

Timeline

PublishedMar 3

Latest updateApr 29

Description

Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDcheckpoint/vpn-14.1, next_generation_fp0, next_generation_fp1+2

▶NVDcheckpoint/firewall-14.1, next_generation_fp0, next_generation_fp1+2

Patches

Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-g6gr-9gwj-m25x: Stack-based buffer overflow in Check Point VPN-1 Server 4↗2022-04-29

▶

CVEList

CVE-2004-0040: Stack-based buffer overflow in Check Point VPN-1 Server 4↗2004-09-01

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation↗2007-01-29

▶