Description
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
Affected products
- checkpoint / firewall-13.0 – 3.0
- checkpoint / firewall-14.0 – 4.0
- Cisco / pix_firewall_software4.1(6) – 4.1(6)
- Cisco / pix_firewall_software4.1(6b) – 4.1(6b)
- Cisco / pix_firewall_software4.2(1) – 4.2(1)
- Cisco / pix_firewall_software4.2(2) – 4.2(2)
- Cisco / pix_firewall_software4.3 – 4.3
- Cisco / pix_firewall_software4.4(4) – 4.4(4)
- Cisco / pix_firewall_software5.0 – 5.0