ID CVE-2005-3673
Summary The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
Vulnerable Configurations
  • cpe:2.3:a:checkpoint:check_point
    cpe:2.3:a:checkpoint:check_point
  • Checkpoint Check Point Express CI R57
    cpe:2.3:a:checkpoint:express:ci_r57
  • cpe:2.3:a:checkpoint:firewall-1:3.0:-:gx
    cpe:2.3:a:checkpoint:firewall-1:3.0:-:gx
  • cpe:2.3:a:checkpoint:vpn-1:ngx_r60:-:pro
    cpe:2.3:a:checkpoint:vpn-1:ngx_r60:-:pro
  • Checkpoint VPN-1 Firewall-1 Next Generation R54
    cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r54
  • Checkpoint VPN-1 Firewall-1 Next Generation R55
    cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55
  • Checkpoint VPN-1 Firewall-1 Next Generation R55P
    cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55p
  • Checkpoint VPN-1 Firewall-1 Next Generation R55W
    cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55w
CVSS
Base: 7.8 (as of 30-11-2005 - 16:58)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
refmap via4
bid 15479
cert-vn VU#226364
confirm http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316
misc
sectrack 1015235
secunia 17621
vupen ADV-2005-2470
Last major update 07-03-2011 - 21:26
Published 18-11-2005 - 16:03
Back to Top