CERTA-2004-AVI-258
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans le serveur CheckPoint VPN-1.
Description
IKE (Internet Key Exchange) est un système utilisé pour la
négociation et l'échange de clés dans l'établissement d'un tunnel
chiffré de type VPN. Celui-ci utilise le protocole ISAKMP
(Internet Security Association
and Key Management Protocol) pour la gestion des clés.
ASN.1 (Abstract Syntax Notation) est un langage standardisé servant
a encoder des informations pour la communication entre des systèmes
hétérogènes. Il est utilisé par le protocole ISAKMP.
Une vulnérabilité présente dans CheckPoint VPN-1 permet à un utilisateur mal intentionné d'exécuter du code arbitraire lors de de l'établissement d'une connexion chiffrée d'un client à un réseau privé virtuel (VPN).
Solution
Appliquer le correctif fourni par CheckPoint selon la version affectée (cf. Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | VPN-1/FireWall-1 NG FP3 ASN.1 ; | ||
| N/A | N/A | VPN-1/FireWall-1 NG avec Application Intelligence R55W et R55 ASN.1; | ||
| N/A | N/A | VPN-1 SecuRemote/SecuClient NG avec Application Intelligence ; | ||
| N/A | N/A | Provider-1 NG avec Application Intelligence R54 et R55 ; | ||
| N/A | N/A | SSL Network Extender ; | ||
| N/A | N/A | VPN-1/FireWall-1 VSX 2.0.1 ASN.1. | ||
| N/A | N/A | FireWall-1 GX 2.0 et 2.5 ASN.1 ; | ||
| N/A | N/A | VPN-1/FireWall-1 VSX NG avec Application Intelligence ASN.1 ; | ||
| N/A | N/A | VPN-1/FireWall-1 NG avec Application Intelligence R54 et R55 ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VPN-1/FireWall-1 NG FP3 ASN.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "VPN-1/FireWall-1 NG avec Application Intelligence R55W et R55 ASN.1;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "VPN-1 SecuRemote/SecuClient NG avec Application Intelligence ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Provider-1 NG avec Application Intelligence R54 et R55 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "SSL Network Extender ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "VPN-1/FireWall-1 VSX 2.0.1 ASN.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "FireWall-1 GX 2.0 et 2.5 ASN.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "VPN-1/FireWall-1 VSX NG avec Application Intelligence ASN.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "VPN-1/FireWall-1 NG avec Application Intelligence R54 et R55 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\n`IKE` (`Internet Key Exchange`) est un syst\u00e8me utilis\u00e9 pour la\nn\u00e9gociation et l\u0027\u00e9change de cl\u00e9s dans l\u0027\u00e9tablissement d\u0027un tunnel\nchiffr\u00e9 de type VPN. Celui-ci utilise le protocole `ISAKMP`\n(`Internet Security Association` \n`and Key Management Protocol`) pour la gestion des cl\u00e9s. \n`ASN.1` (`Abstract Syntax Notation`) est un langage standardis\u00e9 servant\na encoder des informations pour la communication entre des syst\u00e8mes\nh\u00e9t\u00e9rog\u00e8nes. Il est utilis\u00e9 par le protocole `ISAKMP`.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans CheckPoint VPN-1 permet \u00e0 un utilisateur\nmal intentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire lors de de l\u0027\u00e9tablissement\nd\u0027une connexion chiffr\u00e9e d\u0027un client \u00e0 un r\u00e9seau priv\u00e9 virtuel (VPN).\n\n## Solution\n\nAppliquer le correctif fourni par CheckPoint selon la version affect\u00e9e\n(cf. Documentation).\n",
"cves": [],
"links": [
{
"title": "Alerte de s\u00e9curit\u00e9 CheckPoint du 28 juillet 2004 :",
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
}
],
"reference": "CERTA-2004-AVI-258",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-07-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le serveur CheckPoint VPN-1.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Checkpoint VPN-1 ASN.1",
"vendor_advisories": [
{
"published_at": null,
"title": "Alerte de s\u00e9curit\u00e9 Checkpoint du 28 juillet 2004",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…