CheckPoint firewall VPN-1 vulnerability (ISAKMP)

[ric-o]

Heads up to all CheckPoint VPN-1 firewall users, this just posted today 5/4/2004...

An ISAKMP vulnerability has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.

Check Point Software customers who do not use Remote Access VPNs or gateway-to-gateway VPNs, or who have upgraded to current product versions (VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56) are NOT affected by this vulnerability.

More at... http://www.checkpoint.com/techsuppor...s/ike_vpn.html

Note: if you dont use the remote access VPN or gateway-to-gateway functions in this product you are not vulnerable.

[KorpDeath]

As I've been told over and over again by various "professional" security "gurus"; there are no vulnerabilities in Checkpoint products. Who am I supposed to believe?? hmmmm..

Sorry I just like rubbing some noses in this. If you take offense, then you probably should.