[16024] in bugtraq
FireWall-1 Port 264 Vulnerability response
daemon@ATHENA.MIT.EDU (Scott Walker Register)
Tue Aug 1 15:40:27 2000
X-Chameleon-Return-To: Scott Walker Register <scott.register@us.checkpoint.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=ISO-8859-1
Message-Id: <Chameleon.965081241.walker@stinky>
Date: Mon, 31 Jul 2000 17:58:06 -0500
Reply-To: Scott Walker Register <scott.register@US.CHECKPOINT.COM>
From: Scott Walker Register <scott.register@US.CHECKPOINT.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Recently, a message was posted to this mailing list with the following assertion:
If you flood port 264 ( FW1_topo ) from your local network, the Firewall-1
CPU reaches 100% and nobody can connect with GUI ( neither on the firewall
itself ).
However, after extensive testing using the source code provided by the author and other tools, Check Point has been unable to reproduce the error condition described. Check Point takes this and all other potential security issues very seriously; however, after thorough examination and testing, we do not believe this in an actual vulnerability. If anyone has successfully reproduced this condition or has further information, please contact SECURITY-ALERT@checkpoint.com.
Thanks,
-SwR
----------------------------------------------------------------
Scott.Register@us.CheckPoint.com || FireWall-1 Product Manager
Check Point Software Technologies, Inc.
2255 Glades Road / Suite 324A \ Boca Raton, FL 33431
Voice: 561.989.5418 | Fax: 561.997.5421 | 07/31/00 17:58:06
----------------------------------------------------------------
