RE: [Full-Disclosure] Checkpoint ISAKMP issue?

["Vitor Ventura" <vventura@xxxxxxxx>]

I think it was in January that X-Force reported a problem with something like 
this and Checkpoint said it wasn't the report. 
And now they prepare the patch in April 19th and only at the 5th of May the 
report the vulnerability.

Is it just me, or it seems like it was vulnerable from the beginning.


-----Original Message-----
From:   arlen [mailto:arlen@xxxxxxxxxxxx]
Sent:   Wed 5/5/2004 12:47 PM
To:     full-disclosure@xxxxxxxxxxxxxxxx
Cc:     
Subject:        [Full-Disclosure] Checkpoint  ISAKMP issue?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi all,

Checkpoint report a vulnerability with their VPN-1 software (which AFAIK
means pretty much all FW-1 firewalls) in the ISAKMP code used during
initial tunnel setup. Anyone have any more details than those on the
Checkpoint site at http://www.checkpoint.com/techsupport/alerts/ike_vpn.html
?



r_len

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkCY1JkACgkQtd50JL6MBE+FUQCfW7PuG/xWyu0f/jPEvo3EQb9MQ0UA
oLmYiERFctgghFOO5+9DlIAEBM0I
=RkrI
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html