Full Disclosure mailing list archives

RE: Checkpoint ISAKMP issue?

From: Mark Fagan <r00t () online ie>
Date: Wed, 5 May 2004 18:41:36 +0100

Vitor,

I think you will find the current CP vulnerability is quite a lot different to 
the vulnerability discovered in February.

Cheers

Mark

Quoting Vitor Ventura <vventura () cesce pt>:

I think it was in January that X-Force reported a problem with something like
this and Checkpoint said it wasn't the report. 
And now they prepare the patch in April 19th and only at the 5th of May the
report the vulnerability.

Is it just me, or it seems like it was vulnerable from the beginning.


-----Original Message-----
From: arlen [mailto:arlen () hushmail com]
Sent: Wed 5/5/2004 12:47 PM
To:   full-disclosure () lists netsys com
Cc:   
Subject:      [Full-Disclosure] Checkpoint  ISAKMP issue?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi all,

Checkpoint report a vulnerability with their VPN-1 software (which AFAIK
means pretty much all FW-1 firewalls) in the ISAKMP code used during
initial tunnel setup. Anyone have any more details than those on the
Checkpoint site at http://www.checkpoint.com/techsupport/alerts/ike_vpn.html
?



r_len

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkCY1JkACgkQtd50JL6MBE+FUQCfW7PuG/xWyu0f/jPEvo3EQb9MQ0UA
oLmYiERFctgghFOO5+9DlIAEBM0I
=RkrI
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Checkpoint ISAKMP issue? arlen (May 05)
- <Possible follow-ups>
- RE: Checkpoint ISAKMP issue? Vitor Ventura (May 05)
  - RE: Checkpoint ISAKMP issue? Mark Fagan (May 05)