Vulnerability Description
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
CVSS Score
10.0 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Check Point | FireWall-1 | 4.1 |
| Check Point | VPN-1 | 4.1 |
References
- http://marc.info/?l=bugtraq&m=107604682227031&w=2
- http://www.ciac.org/ciac/bulletins/o-073.shtml
- http://www.kb.cert.org/vuls/id/873334 (Patch, Third Party Advisory, US Government Resource)
- http://www.osvdb.org/3821
- http://www.osvdb.org/4432
- http://www.securityfocus.com/bid/9582 (Patch, Vendor Advisory)
- http://xforce.iss.net/xforce/alerts/id/163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14150
FAQ
What is CVE-2004-0040?
CVE-2004-0040 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ...
How severe is CVE-2004-0040?
CVE-2004-0040 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2004-0040?
Check the references section above for vendor advisories and patch information. Affected products include: Check Point FireWall-1, Check Point VPN-1.