[VIM] Vendor dispute of Check Point overflow (CVE-2009-1227)
str0ke
str0ke at milw0rm.com
Tue Apr 7 20:51:39 UTC 2009
Didn't check it out, pretty sure I grabbed it from one of the lists :(
/str0ke
Steven M. Christey wrote:
> All,
>
> cve at mitre received the following dispute by Check Point for
> CVE-2009-1227:
>
> Check Point Security Alert Team has analyzed this report. We've
> tried to reproduce the attack on all VPN-1 versions from NG FP2 and
> above with and without HFAs. The issue was not reproduced. We have
> conducted a thorough analysis of the relevant code and verified that
> we are secure against this attack. We consider this attack to pose
> no risk to Check Point customers.
>
> str0ke - if you were able to successfully test this before publishing as
> MILW0RM:8313, that would be informative.
>
> - Steve
>
>
More information about the VIM
mailing list