Check Point Affected

Notified:  January 05, 2001 Updated: February 06, 2001



Vendor Statement

Not all hosts protected by the firewall are vulnerable, only a specific subset: hosts used in the "Destination" column of a rule utilizing Fastmode, or hosts at least one router hop away from the firewall Also, the hosts must be reachable/routable from the attacker's side of the firewall; ie, in order for a host to be vulnerable, either no address translation or static (1-to-1) address translation must be used for that hosts. In a network using RFC 1918 addresses, where all outbound hosts hide behind a single IP address, none of the protected hosts would be vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.