Check Point Firewall-1 SMTP Resource Exhaustion Vulnerability

Bugtraq ID:	1416
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	Yes
Published:	Jun 30 2000 12:00AM
Updated:	Jun 30 2000 12:00AM
Credit:	Posted to BugTraq on June 30, 2000 in an advisory by SecureXpert Labs, in which the following individuals are credited: Mike Murray, Max Degtyar, and Richard Reiner, all of SecureXpert Labs.
Vulnerable:	Check Point Software Firewall-1 4.1 Check Point Software Firewall-1 4.0
Not Vulnerable:

Check Point Firewall-1 SMTP Resource Exhaustion Vulnerability

This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc firewall 25 < /dev/zero".

Check Point Firewall-1 SMTP Resource Exhaustion Vulnerability

Solution:
These latest Service Packs address the described denial of service issue. It is important to note that even without the new service packs installed, this attack does not disable firewall operations in general, only operation of the SMTP Security Server, since the Security Server operates with a lower processor priority than the FireWall-1 kernel module.


Check Point Software Firewall-1 4.0

• Check Point Software Service Packs
  http://www.checkpoint.com/techsupport/index.html

Check Point Software Firewall-1 4.1

• Check Point Software Service Packs
  http://www.checkpoint.com/techsupport/index.html

Check Point Firewall-1 SMTP Resource Exhaustion Vulnerability

References: