[VIM] Vendor dispute of Check Point overflow (CVE-2009-1227)
Steven M. Christey
coley at linus.mitre.org
Tue Apr 7 17:21:49 UTC 2009
cve at mitre received the following dispute by Check Point for
Check Point Security Alert Team has analyzed this report. We've
tried to reproduce the attack on all VPN-1 versions from NG FP2 and
above with and without HFAs. The issue was not reproduced. We have
conducted a thorough analysis of the relevant code and verified that
we are secure against this attack. We consider this attack to pose
no risk to Check Point customers.
str0ke - if you were able to successfully test this before publishing as
MILW0RM:8313, that would be informative.
More information about the VIM