May 4th, 2004, 07:25 PM
CheckPoint firewall VPN-1 vulnerability (ISAKMP)
Heads up to all CheckPoint VPN-1 firewall users, this just posted today 5/4/2004...
Note: if you dont use the remote access VPN or gateway-to-gateway functions in this product you are not vulnerable.
An ISAKMP vulnerability has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.
Check Point Software customers who do not use Remote Access VPNs or gateway-to-gateway VPNs, or who have upgraded to current product versions (VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56) are NOT affected by this vulnerability.
More at... http://www.checkpoint.com/techsuppor...s/ike_vpn.html
May 4th, 2004, 09:30 PM
As I've been told over and over again by various "professional" security "gurus"; there are no vulnerabilities in Checkpoint products. Who am I supposed to believe?? hmmmm..
Sorry I just like rubbing some noses in this. If you take offense, then you probably should.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson