Check Point Information for VU#464113
TCP/IP implementations handle unusual flag combinations inconsistently
- Vendor Information Help Date Notified: 23 Oct 2002
- Statement Date: 24 Oct 2002
- Date Updated: 25 Oct 2002
Check Point VPN-1/FireWall-1 products are engineered to provide the highest levels of security. VPN-1/FireWall-1 will automatically drop any invalid packet flag combinations including, but not limited to, those described in CERT VU# 464113. In addition, the Check Point SmartDefense product will provide additional logging and alerting if this type of attack is attempted.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.