Heads up to all CheckPoint VPN-1 firewall users, this just posted today 5/4/2004...

An ISAKMP vulnerability has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.

Check Point Software customers who do not use Remote Access VPNs or gateway-to-gateway VPNs, or who have upgraded to current product versions (VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56) are NOT affected by this vulnerability.

More at... http://www.checkpoint.com/techsuppor...s/ike_vpn.html
Note: if you dont use the remote access VPN or gateway-to-gateway functions in this product you are not vulnerable.