Check Point FireWall-1 Fragmented Packets DoS

2000-06-05T00:00:00
ID OSVDB:1379
Type osvdb
Reporter Lance Spitzner(lance@spitzner.net)
Modified 2000-06-05T00:00:00

Description

Vulnerability Description

FireWall-1 contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a large amount of incomplete framgented packets, and will result in loss of availability for the platform.

Solution Description

Upgrade to version 4.0 SP 6, 4.1 SP2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

FireWall-1 contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a large amount of incomplete framgented packets, and will result in loss of availability for the platform.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Nessus Plugin ID:11902 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html ISS X-Force ID: 4609 CVE-2000-0482 CERT VU: 35958 Bugtraq ID: 1312