Sign-up

ID

VAR-200407-0061


CVE

CVE-2004-0469


TITLE

Check Point VPN-1 ISAKMP Remote Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 10273 // CNNVD: CNNVD-200407-001

DESCRIPTION

Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Check Point VPN-1/Firewall-1 Is VPN When negotiating tunnels, ISAKMP There is a vulnerability that does not properly perform boundary checking in the processing part of the protocol.Arbitrary code may be executed. Specifically, a buffer overflow condition may be triggered by sending a malformed ISAKMP packet during the negotiations. Check Point Software user who do not use Remote Access VPNs or gateway-to-gateway VPNs are not vulnerable to this issue. Due to a lack of details, further information cannot be provided at the moment. This BID will be updated as more information becomes available. Check Point Firewall-1 is a high-performance firewall, Checkpoint VPN-1 server and Checkpoint VPN client provide VPN access for remote client computers. The IKE component of these products allows non-directional or bi-directional authentication of two remote peers

Trust: 1.98

sources: NVD: CVE-2004-0469 // JVNDB: JVNDB-2004-000175 // BID: 10273 // VULHUB: VHN-8899

AFFECTED PRODUCTS

vendor:checkpointmodel:ng-aiscope:eqversion:r54

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:2.0.1

Trust: 1.6

vendor:checkpointmodel:vpn-1scope:eqversion:vsx_2.0.1

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:2.0

Trust: 1.6

vendor:checkpointmodel:ng-aiscope:eqversion:r55

Trust: 1.6

vendor:checkpointmodel:vpn-1scope:eqversion:vsx_ng_with_application_intelligence

Trust: 1.6

vendor:checkpointmodel:next generationscope:eqversion:*

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:*

Trust: 1.0

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng fp2

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng fp3

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r54)

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55)

Trust: 0.8

vendor:checkpointmodel:next generationscope:eqversion:fp3

Trust: 0.6

vendor:checkpointmodel:firewall-1scope:eqversion:vsx-ng-ai

Trust: 0.6

vendor:checkmodel:point software vpn-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 vsxscope:eqversion:2.0.1

Trust: 0.3

vendor:checkmodel:point software securemote ng with application intelligence r56scope: - version: -

Trust: 0.3

vendor:checkmodel:point software secureclient ng with application intelligence r56scope: - version: -

Trust: 0.3

vendor:checkmodel:point software ng-ai r55scope: - version: -

Trust: 0.3

vendor:checkmodel:point software ng-ai r54scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3 hf1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software next generation fp3scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 vsxscope:eqversion:2.0.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 gxscope:eqversion:2.0

Trust: 0.3

sources: BID: 10273 // JVNDB: JVNDB-2004-000175 // CNNVD: CNNVD-200407-001 // NVD: CVE-2004-0469

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0469
value: HIGH

Trust: 1.0

NVD: CVE-2004-0469
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200407-001
value: CRITICAL

Trust: 0.6

VULHUB: VHN-8899
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-0469
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-8899
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-8899 // JVNDB: JVNDB-2004-000175 // CNNVD: CNNVD-200407-001 // NVD: CVE-2004-0469

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0469

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200407-001

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 10273 // CNNVD: CNNVD-200407-001

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2004-000175

PATCH
title:ike_vpnurl:http://www.checkpoint.com/techsupport/alerts/ike_vpn.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2004-000175

EXTERNAL IDS
db:NVDid:CVE-2004-0469
Trust: 2.8
db:BIDid:10273
Trust: 2.8
db:SECUNIAid:11546
Trust: 0.8
db:JVNDBid:JVNDB-2004-000175
Trust: 0.8
db:CNNVDid:CNNVD-200407-001
Trust: 0.7
db:XFid:16060
Trust: 0.6
db:XFid:1
Trust: 0.6
db:CHECKPOINTid:20040504 ISAKMP VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-8899
Trust: 0.1
sources:
            
            
            VULHUB: VHN-8899 // 
            
            
            
            BID: 10273 // 
            
            
            
            JVNDB: JVNDB-2004-000175 // 
            
            
            
            CNNVD: CNNVD-200407-001 // 
            
            
            
            NVD: CVE-2004-0469

REFERENCES
url:http://www.securityfocus.com/bid/10273
Trust: 2.5
url:http://www.checkpoint.com/techsupport/alerts/ike_vpn.html
Trust: 2.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16060
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0469
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0469
Trust: 0.8
url:http://secunia.com/advisories/11546/
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/16060
Trust: 0.6
sources:
            
            
            VULHUB: VHN-8899 // 
            
            
            
            BID: 10273 // 
            
            
            
            JVNDB: JVNDB-2004-000175 // 
            
            
            
            CNNVD: CNNVD-200407-001 // 
            
            
            
            NVD: CVE-2004-0469

CREDITS
Check Point Software
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200407-001

SOURCES
db:VULHUBid:VHN-8899
db:BIDid:10273
db:JVNDBid:JVNDB-2004-000175
db:CNNVDid:CNNVD-200407-001
db:NVDid:CVE-2004-0469

LAST UPDATE DATE
2024-08-14T12:33:36.574000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-8899date:2017-07-11T00:00:00
db:BIDid:10273date:2009-07-12T04:07:00
db:JVNDBid:JVNDB-2004-000175date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200407-001date:2005-10-20T00:00:00
db:NVDid:CVE-2004-0469date:2017-07-11T01:30:11.090

SOURCES RELEASE DATE
db:VULHUBid:VHN-8899date:2004-07-07T00:00:00
db:BIDid:10273date:2004-05-04T00:00:00
db:JVNDBid:JVNDB-2004-000175date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200407-001date:2004-05-04T00:00:00
db:NVDid:CVE-2004-0469date:2004-07-07T04:00:00