int(792)

Boletines de Vulnerabilidades


Desbordamiento de búfer en productos Check Point VPN-1

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Compromiso Root
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado Networking
Software afectado Check Point VPN-1

Descripción

Se ha descubierto una vulnerabilidad de desbordamiento de búfer en productos Check Point VPN-1. El desbordamiento de búfer se da durante la negociación de un túnel VPN.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto comprometer un dispositivo afectado por esta vulnerabilidad mediante el uso de paquetes ISAKMP especialmente diseñados.

Solución



Actualización de software

Check Point

VPN-1/FireWall-1 NG & Application Intelligence R55 - Hotfix HFA-03
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R55%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R55%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R55%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.8&patchlevel_selected=R55%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%20NT&patchlevel_selected=R55%20-%20Hotfixes

VPN-1/FireWall-1 NG & Application Intelligence R54 - HFA-410
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=IPSO%203.7&patchlevel_selected=R54%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Linux&patchlevel_selected=R54%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=SecurePlatform&patchlevel_selected=R54%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Solaris%202.8&patchlevel_selected=R54%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG%20with%20Application%20Intelligence&os_selected=Windows%20NT&patchlevel_selected=R54%20-%20Hotfixes

VPN-1/FireWall-1 Next Generation FP3 - HFA-325
IPSO
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=IPSO%203.6&patchlevel_selected=FP3%20-%20Hotfixes
Linux
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Linux&patchlevel_selected=FP3%20-%20Hotfixes
SecurePlatform
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=SecurePlatform%20FP3%20Edition%202&patchlevel_selected=FP3%20-%20Hotfixes
Solaris
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Solaris%202.8&patchlevel_selected=FP3%20-%20Hotfixes
Windows
http://www.checkpoint.com/techsupport/downloadApp/displayDownloads.jsp?the_product=VPN-1/FireWall-1&version_selected=NG&os_selected=Windows%20NT&patchlevel_selected=FP3%20-%20Hotfixes

VPN-1/FireWall-1 VSX NG & Application Intelligence - Hotfix
SecurePlatform
http://www.checkpoint.com/support/downloads/bin/vpn_des/vsx/ngai/linux/vpn_hf_vsx_ngai_april_2004_linux.zip

VPN-1/FireWall-1 VSX 2.0.1 - Hotfix
SecurePlatform
http://www.checkpoint.com/support/downloads/bin/vpn_des/vsx/2.0.1/linux/vpn_hf_vsx_201_april_2004_linux.zip

FireWall-1 GX 2.0 - Hotfix
IPSO
http://www.checkpoint.com/support/downloads/bin/vpn_des/gx/v2.0/ipso/cp_ike_hotfix_apr_2004_gx20_ipso.gz
Linux
http://www.checkpoint.com/support/downloads/bin/vpn_des/gx/v2.0/linux/cp_ike_hotfix_apr_2004_gx20_linux.gz
SecurePlatform
http://www.checkpoint.com/support/downloads/bin/vpn_des/gx/v2.0/linux/cp_ike_hotfix_apr_2004_gx20_linux.gz
Solaris
http://www.checkpoint.com/support/downloads/bin/vpn_des/gx/v2.0/solaris/cp_ike_hotfix_apr_2004_gx20_solaris2.gz

VPN-1 SecuRemote/SecureClient NG & Application Intelligence R5
Descargas públicas
http://www.checkpoint.com/techsupport/freedownloads.html

Identificadores estándar

Propiedad Valor
CVE CAN-2004-0469
BID

Recursos adicionales

Check Point Alert
http://www.checkpoint.com/techsupport/alerts/ike_vpn.html

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2004-05-05
1.1 CAN añadido 2004-06-30

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT