The Check Point VPN-1 firewall contains an information disclosure vulnerability that may allow an authenticated attacker to access data that they are not authorized to access.
The Check Point VPN-1 is an application layer firewall that supports remote and site-to-site virtual private networks (VPN).
From Check Point Solution ID sk34579
A remote, authenticated attacker may be able to intercept data that they are not authorized to access.
Check Point has released an update to address this vulnerability. Administrators should see Check Point Solution ID sk34579 for information about how to obtain fixed software.
Thanks to Robert Mitchell of Pursecurity and Check Point for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2008-03-18|
|Date Last Updated:||2008-03-18 17:47 UTC|