Check Point Patches Buffer Overflows
VPN products at risk of network takeover.
Check Point, which provides perimeter security software for corporate networks, confirmed the existence of the flaw in the way its VPN (define) products handle the connection between the server and client.
''In certain circumstances, this compromise could allow further network compromise,'' Check Point said in an alert posted online. The company also issued patches to correct the flaw.
Check Point described the vulnerability as an ASN.1 (define) issue and urged users to stop using the Aggressive Mode IKE (Internet Key Exchange) feature, because it has ''inherent security limitations''.
Check Point said it was unaware of any active exploits targeting its customers.
Customers who do not use Remote Access VPNs or gateway-to-gateway VPNs, or who have upgraded to current product versions (VPN-1/FireWall-1 R55 HFA-08, R54 HFA-412, and VPN-1 SecuRemote/SecureClient R56 HF1) are not affected by this issue, Check Point said.
This article was first published on internetnews.com.