A buffer overflow vulnerability in Check Point’s virtual private network
(VPN) products could put users at risk of network takeover, the company
warned in an advisory.
Check Point, which provides perimeter security software for corporate
networks, confirmed the existence of the flaw in the way its VPN
products handle the connection between the server and
client.
“In certain circumstances, this compromise could allow further network
compromise,” Check Point said in an alert
posted online. The company also issued patches to correct the flaw.
Check Point described the vulnerability as an ASN.1
and urged users to stop using the Aggressive Mode IKE (Internet Key Exchange) feature,
because it has “inherent security limitations.”
“When using IKE without enabling Aggressive Mode, the single packet
attack is not possible, as the attacker must initiate a real IKE negotiation
in order to perform the attack. The malformed IKE packet of this attack
vector must be encrypted, which prevents detection of it using a signature,”
the company said.
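
The distinction Check Point draws between the two modes is visible in the cleartext ISAKMP header of each UDP/500 datagram, which lets a defender inventory peers that still open Aggressive Mode negotiations. The following is an added example, not code from Check Point or the original article; the header layout and exchange-type numbers follow RFC 2408/2409, the function names are hypothetical, and the sample datagrams are constructed. It does not inspect payloads for the malformed ASN.1 itself.

```python
import struct

# ISAKMP header (RFC 2408, section 3.1): 28 bytes, network byte order.
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
EXCHANGE_TYPES = {2: "main", 4: "aggressive", 5: "informational", 32: "quick"}
FLAG_ENCRYPTED = 0x01


def classify_ike(datagram: bytes) -> dict:
    """Parse the ISAKMP header of one UDP/500 payload and describe the exchange."""
    if len(datagram) < ISAKMP_HDR.size:
        raise ValueError("shorter than an ISAKMP header")
    _icky, rcookie, _np, version, xchg, flags, _mid, length = ISAKMP_HDR.unpack_from(datagram)
    if version >> 4 != 1:
        raise ValueError("not IKEv1")
    if length < ISAKMP_HDR.size or length > len(datagram):
        raise ValueError("length field inconsistent with datagram size")
    return {
        "exchange": EXCHANGE_TYPES.get(xchg, f"other({xchg})"),
        "initial": rcookie == bytes(8),  # responder cookie is zero in the first packet
        "encrypted": bool(flags & FLAG_ENCRYPTED),
    }


def aggressive_initiators(packets):
    """Return source addresses that opened an Aggressive Mode negotiation."""
    hits = []
    for src, datagram in packets:
        try:
            info = classify_ike(datagram)
        except ValueError:
            continue  # malformed or non-IKEv1 traffic is skipped here
        if info["exchange"] == "aggressive" and info["initial"]:
            hits.append(src)
    return hits


def sample_header(xchg, flags, rcookie=bytes(8), body=b""):
    # Constructed sample data: a header plus an opaque body, no real payloads.
    return ISAKMP_HDR.pack(b"\x11" * 8, rcookie, 1, 0x10, xchg, flags, 0, 28 + len(body)) + body


SAMPLE = [  # (source address, UDP payload), all constructed
    ("192.0.2.10", sample_header(4, 0)),  # Aggressive Mode, first packet
    ("192.0.2.20", sample_header(2, 0)),  # Main Mode, first packet
    ("192.0.2.20", sample_header(2, FLAG_ENCRYPTED, b"\x22" * 8, bytes(16))),  # later, encrypted
    ("192.0.2.30", bytes(10)),  # truncated datagram
]
```

On the constructed sample, only the first source is reported; the later Main Mode message carries the encryption flag, which is why a payload signature cannot inspect it.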
Check Point said it was unaware of any active exploits targeting its
customers.
Customers who do not use Remote Access VPNs or gateway-to-gateway VPNs,
or who have upgraded to current product versions (VPN-1/FireWall-1 R55
HFA-08, R54 HFA-412, and VPN-1 SecuRemote/SecureClient R56 HF1) are not
affected by this issue, Check Point said.