[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Checkpoint ISAKMP issue?

To: Vitor Ventura <vventura@xxxxxxxx>
Subject: RE: [Full-Disclosure] Checkpoint ISAKMP issue?
From: Mark Fagan <r00t@xxxxxxxxx>
Date: Wed, 5 May 2004 18:41:36 +0100

Vitor,

I think you will find the current CP vulnerability is quite a lot different to 
the vulnerability discovered in February.

Cheers

Mark

Quoting Vitor Ventura <vventura@xxxxxxxx>:

> I think it was in January that X-Force reported a problem with something like
> this and Checkpoint said it wasn't the report. 
> And now they prepare the patch in April 19th and only at the 5th of May the
> report the vulnerability.
> 
> Is it just me, or it seems like it was vulnerable from the beginning.
> 
> 
> -----Original Message-----
> From: arlen [mailto:arlen@xxxxxxxxxxxx]
> Sent: Wed 5/5/2004 12:47 PM
> To:   full-disclosure@xxxxxxxxxxxxxxxx
> Cc:   
> Subject:      [Full-Disclosure] Checkpoint  ISAKMP issue?
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> hi all,
> 
> Checkpoint report a vulnerability with their VPN-1 software (which AFAIK
> means pretty much all FW-1 firewalls) in the ISAKMP code used during
> initial tunnel setup. Anyone have any more details than those on the
> Checkpoint site at http://www.checkpoint.com/techsupport/alerts/ike_vpn.html
> ?
> 
> 
> 
> r_len
> 
> -----BEGIN PGP SIGNATURE-----
> Note: This signature can be verified at https://www.hushtools.com/verify
> Version: Hush 2.4
> 
> wkYEARECAAYFAkCY1JkACgkQtd50JL6MBE+FUQCfW7PuG/xWyu0f/jPEvo3EQb9MQ0UA
> oLmYiERFctgghFOO5+9DlIAEBM0I
> =RkrI
> -----END PGP SIGNATURE-----
> 
> 
> 
> 
> Concerned about your privacy? Follow this link to get
> FREE encrypted email: https://www.hushmail.com/?l=2
> 
> Free, ultra-private instant messaging with Hush Messenger
> https://www.hushmail.com/services.php?subloc=messenger&l=434
> 
> Promote security and make money with the Hushmail Affiliate Program: 
> https://www.hushmail.com/about.php?subloc=affiliate&l=427
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Checkpoint ISAKMP issue?
  - From: Vitor Ventura

Prev by Date: [Full-Disclosure] Fwd: Virus Worm.Bagle.H-zippwd-1 detected in mail
Next by Date: Re: [Full-Disclosure] Few n00b questions about this phatbot thing
Previous by thread: RE: [Full-Disclosure] Checkpoint ISAKMP issue?
Next by thread: [Full-Disclosure] Titan FTP Server Aborted LIST DoS
Index(es):
- Date
- Thread