CVE-2004-2679

Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2679
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
checkpoint / firewall-1	4.1-sp1	4.1-sp1.x
checkpoint / firewall-1	4.1-sp5	4.1-sp5.x
checkpoint / firewall-1	4.0-sp2	4.0-sp2.x
checkpoint / firewall-1	4.0-sp6	4.0-sp6.x
checkpoint / firewall-1	4.1-sp3	4.1-sp3.x
checkpoint / firewall-1	4.0-sp3	4.0-sp3.x
checkpoint / firewall-1	4.1-sp6	4.1-sp6.x
checkpoint / firewall-1	4.0-sp7	4.0-sp7.x
checkpoint / firewall-1	4.0-sp4	4.0-sp4.x
checkpoint / firewall-1	4.1-sp5a	4.1-sp5a.x
checkpoint / firewall-1	4.1	4.1.x
checkpoint / firewall-1	4.1-sp4	4.1-sp4.x
checkpoint / firewall-1	4.0-sp5	4.0-sp5.x
checkpoint / firewall-1	4.0-sp8	4.0-sp8.x
checkpoint / firewall-1	4.0	4.0.x
checkpoint / firewall-1	4.0-sp1	4.0-sp1.x
checkpoint / firewall-1	r55	r55.x
checkpoint / firewall-1	4.1-sp2	4.1-sp2.x

Vulnerability Database

289,599

CVE-2004-2679