Description
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Affected products
References
- MISChttp://www.checkpoint.com/techsupport/alerts/asn1.html
- MISChttp://securitytracker.com/alerts/2004/Jul/1010799.html
- MISChttp://www.kb.cert.org/vuls/id/435358
- MISChttp://www.osvdb.org/displayvuln.php?osvdb_id=8290
- MISChttp://www.securityfocus.com/bid/10820
- VENDOR_ADVISORYhttp://secunia.com/advisories/12177/
- MISChttp://xforce.iss.net/xforce/alerts/id/178
- MISChttp://www.ciac.org/ciac/bulletins/o-190.shtml
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16824