Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
BID:25886
Info
Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25886 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Oct 01 2007 12:00AM |
| Updated: | Oct 17 2007 08:27PM |
| Credit: | Hugo Vazquez Carames discovered these issues. |
| Vulnerable: |
Check Point Software VPN-1 Power/UTM NGX R60 Check Point Software SecurePlatform R60_HFA_05 |
| Not Vulnerable: | |
Discussion
Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
Applications that use the Check Point SecurePlatform are prone to multiple buffer-overflow vulnerabilities because the platform fails to perform adequate boundary checks on user-supplied data.
An attacker an exploit these issues to execute arbitrary code in the context of the application. Failed attempts could crash the application and deny service to legitimate users.
This issue is locally exploitable, but remote exploits may also be possible.
This issue affects SecurePlatform R60; other versions may also be affected.
Applications that use the Check Point SecurePlatform are prone to multiple buffer-overflow vulnerabilities because the platform fails to perform adequate boundary checks on user-supplied data.
An attacker an exploit these issues to execute arbitrary code in the context of the application. Failed attempts could crash the application and deny service to legitimate users.
This issue is locally exploitable, but remote exploits may also be possible.
This issue affects SecurePlatform R60; other versions may also be affected.
Exploit / POC
Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
A proof-of-concept exploit is available. Please see the referenced PDF document for more information.
A proof-of-concept exploit is available. Please see the referenced PDF document for more information.
Solution / Fix
Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Check Point SecurePlatform Multiple Buffer Overflow Vulnerabilities
References:
References:
- Check Point SecurePlatform Hack (Pentest)
- Check Point Software Homepage (Check Point Software)
- CheckPoint Secure Platform Multiple Buffer Overflows (Hugo Vazquez Carames )
- Re: RE: CheckPoint Secure Platform Multiple Buffer Overflows ( [email protected])