Check Point Information for VU#873334
Check Point ISAKMP vulnerable to buffer overflow via Certificate Request
The reported issue does not exist in recent versions of VPN-1/FireWall-1 Next Generation (NG) FP2 and later, including all versions of Next Generation Application Intelligence (NG AI). Nor does this issue exist in VPN-1/FireWall-1 4.1 SP6. The issue was also fixed in the same versions of our VPN client products, SecureClient and SecuRemote.
This issue was fixed during 2002 for all our product lines. There is a very small number of customers that are still using versions prior to 4.1 SP6 and NG prior to FP2; The number of them that use VPN is significantly smaller, hence the vulnerability applies to a very small number of existing deployments.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.