CVE-2004-0469 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Checkpoint Firewall-1

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

6.5%

top 8.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Firewall-1 Checkpoint Ng-ai Checkpoint Vpn-1

Timeline

PublishedJul 7

Latest updateApr 29

Description

Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDcheckpoint/firewall-12.0, 2.0.1+1

▶NVDcheckpoint/ng-air54, r55+1

▶NVDcheckpoint/vpn-1vsx_2.0.1, vsx_ng_with_application_intelligence+1

Patches

Patch: www.checkpoint.com ↗Patch: www.securityfocus.com ↗Patch: www.checkpoint.com ↗

🔴Vulnerability Details

GHSA

GHSA-p3pq-pvrp-rwx3: Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG F↗2022-04-29

▶

CVEList

CVE-2004-0469: Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG F↗2004-05-14

▶