Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Software | From | Fixed in |
---|---|---|
checkpoint / firewall-1 | 4.1-sp6 | 4.1-sp6.x |
checkpoint / vpn-1 | - | - |