CVE-2000-0804

Description

Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."

Affected products

• checkpoint / firewall-13.0 – 3.0
• checkpoint / firewall-14.0 – 4.0
• checkpoint / firewall-14.1 – 4.1

References

• MISChttp://www.osvdb.org/4419
• MISChttp://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5468