Notified: June 26, 2009 Updated: November 05, 2009
Statement Date: October 15, 2009
No statement is currently available from the vendor regarding this vulnerability.
On September 08, 2009 when CERT-FI has published the Sockstress advisory (CVE-2008-4609) Check Point has released protections that mitigate both Sockstress and NKiller2 attacks. The following SecureKnowledge articles discuss these advisories: sk42723: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk42723
This issue is being tracked internally by Product Defect Number PD4-899333484. Workaround: Use the "access-profile" to allow only the trusted IP address, while enabling TCP based applications (like telnet, ssh, http, https) on the switch.
The vendor has not provided us with any further information regarding this vulnerability.