Obrir sessió
logo

DEFENSA DAVANT DE LES CIBERAMENACES

barra-separadora

Soporte de vulnerabilidades

Servicio de soporte de vulnerabilidadesAnálisis, notificación y seguimiento de aquellas vulnerabilidades más críticas, que impactan especialmente en las tecnologías empleadas en el sector público. El CCN-CERT trabajará en la recopilación y clasificación de las nuevas vulnerabilidades, realizando un análisis teórico y en laboratorio, cuando sea posible, de aquellas que por su criticidad lo requieran.

Se generarán documentos informativos o “abstracts” de dichas vulnerabilidades y se llevará a cabo un seguimiento de la evolución de la vulnerabilidad en Internet, alertando a los organismos ante cambios en la criticidad, aparición de parches, nuevas recomendaciones, constancia de explotaciones activas, etc.

Para inscribirse en este servicio o recibir más información, escribir al correo electrónico: soporte_acreditacion@ccn.cni.es

Abstracts:


Boletines de Vulnerabilidades


Desbordamiento de búfer en el procesado de ASN.1 afecta a productos Check Point VPN-1

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricant afectat Networking
Software afectado Check Point VPN-1/FireWall-1 NG
Check Point VPN-1/FireWall-1 VSX NG & Application Intelligence,
Check Point Provider-1 NG
Check Point FireWall-1 GX v2.0

Descripción

Se ha descubierto una vulnerabilidad de desbordamiento de búfer en los productos Check Point VPN-1. La vulnerabilidad reside en el manejo de la codificación ASN.1 durante las negociaciones de un túnel VPN.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto comprometer un dispositivo afectado y, por lo tanto, llegar a obtener acceso a la red que hay detrás suyo.

Solución



Software update

Check Point

VPN-1/FireWall-1 NG & Application Intelligence R55W - ASN.1 Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R55W
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55W
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55W
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55W
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%202003&patchlevel_selected=R55W

VPN-1/FireWall-1 NG & Application Intelligence R55 ASN.1 HF
IPSO 3.8
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.8&patchlevel_selected=R55
Linux 3.0 (RHEL 3.0)
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux%203.0&patchlevel_selected=R55

VPN-1/FireWall-1 NG & Application Intelligence R55 HFA-08
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R55%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%202003&patchlevel_selected=R55%20-%20Hotfixes

VPN-1/FireWall-1 NG with Application Intelligence R54 HFA-412
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R54%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R54%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R54%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R54%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%202000&patchlevel_selected=R54%20-%20Hotfixes

VPN-1/FireWall-1 Next Generation FP3 ASN.1 Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=IPSO%203.6&patchlevel_selected=FP3%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Linux&patchlevel_selected=FP3%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=SecurePlatform%20FP3%20Edition%202&patchlevel_selected=FP3%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Solaris%202.8&patchlevel_selected=FP3%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Windows%202000&patchlevel_selected=FP3%20-%20Hotfixes

VPN-1 SecuRemote/SecureClient NG & Application Intelligence
R56 HF-01
http://www.checkpoint.com/techsupport/downloads_sr.html
R55 HFA-03
http://www.checkpoint.com/techsupport/downloads_sr.html

Provider-1 NG & Application Intelligence R55 HFA-08
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55%20-%20Hotfixes

Provider-1 NG & Application Intelligence R54 HFA-412
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=Provider-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R54%20-%20Hotfixes

FireWall-1 GX 2.5 ASN.1 Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.5&os_selected=IPSO&patchlevel_selected=v2.5
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.5&os_selected=Linux&patchlevel_selected=v2.5
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.5&os_selected=SecurePlatform&patchlevel_selected=v2.5
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.5&os_selected=Solaris&patchlevel_selected=v2.5
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.5&os_selected=Windows&patchlevel_selected=v2.5

FireWall-1 GX 2.0 ASN.1 Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=IPSO&patchlevel_selected=NG%20FP2%20-%20v2.0
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Linux&patchlevel_selected=NG%20FP2%20-%20v2.0
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=SecurePlatform&patchlevel_selected=NG%20FP2%20-%20v2.0
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Solaris&patchlevel_selected=NG%20FP2%20-%20v2.0
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=FireWall-1%20GX&version_selected=v2.0&os_selected=Windows&patchlevel_selected=NG%20FP2%20-%20v2.0

SSL Network Extender
Linux
http://staging.us.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=SSL%20Network%20Extender&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55
SecurePlatform
http://staging.us.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=SSL%20Network%20Extender&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55
Solaris
http://staging.us.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=SSL%20Network%20Extender&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.9&patchlevel_selected=R55
Windows
http://staging.us.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=SSL%20Network%20Extender&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%202003&patchlevel_selected=R55

VPN-1/FireWall-1 VSX NG with Application Intelligence
Release 2 ASN.1 Hotfix
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%20NG%20with%20Application%20Intelligence%20Release%202&os_selected=IPSO%203.7&patchlevel_selected=VPN-1%20VSX%20Release%202

VPN-1/FireWall-1 VSX NG with Application Intelligence ASN.1 Hotfix
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%20NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=Initial%20Release

VPN-1/FireWall-1 VSX 2.0.1 ASN.1 Hotfix
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%202.0.1&os_selected=VSX%202.0.1%20SingleCD&patchlevel_selected=Initial%20Release%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1%20VSX&version_selected=VSX%202.0.1&os_selected=VSX%202.0.1%20SingleCD&patchlevel_selected=Initial%20Release%20-%20Hotfixes

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0699
BID 10820

Recursos adicionales

Check Point July 28, 2004 ASN.1 Alert
http://www.checkpoint.com/techsupport/alerts/asn1.html

Internet Security Systems Protection Advisory
http://xforce.iss.net/xforce/alerts/id/178

Histórico de versiones

Versión Comentario Data
1.0 Aviso emitido 2004-07-29
1.1 Añadido aviso publicado por ISS. CAN añadido. 2004-07-30
Tornar

Este sitio web utiliza cookies propias y de terceros para el correcto funcionamiento y visualización del sitio web por parte del usuario, así como la recogida de estadísticas. Si continúa navegando, consideramos que acepta su uso. Puede cambiar la configuración u obtener más información. Modificar configuración