RealTime IT News

Check Point Patches Buffer Overflows

A buffer overflow vulnerability in Check Point's virtual private network (VPN) products could put users at risk of network takeover, the company warned in an advisory.

Check Point, which provides perimeter security software for corporate networks, confirmed the existence of the flaw in the way its VPN products handle the connection between the server and client.

"In certain circumstances, this compromise could allow further network compromise," Check Point said in an alert posted online. The company also issued patches to correct the flaw.

Check Point described the vulnerability as an ASN.1 issue and urged users to stop using the Aggressive Mode IKE (Internet Key Exchange) feature, because it has "inherent security limitations."

"When using IKE without enabling Aggressive Mode, the single packet attack is not possible, as the attacker must initiate a real IKE negotiation in order to perform the attack. The malformed IKE packet of this attack vector must be encrypted, which prevents detection of it using a signature," the company said.

Check Point said it was unaware of any active exploits targeting its customers.

Customers who do not use Remote Access VPNs or gateway-to-gateway VPNs, or who have upgraded to current product versions (VPN-1/FireWall-1 R55 HFA-08, R54 HFA-412, and VPN-1 SecuRemote/SecureClient R56 HF1) are not affected by this issue, Check Point said.