Madrid, February 9 2004 - US-CERT has reported -at
http://www.us-cert.gov/cas/techalerts/TA04-036A.html - a serious security problem affecting several versions of Check Point Firewall-1.
According to the US-CERT alert, this security flaw could allow commands to be run on the firewall with administrator privileges. It could also be
exploited to launch a Denial of Service (DoS) attack on the affected firewalls (listed below):
- Check Point Firewall-1 NG FCS
- Check Point Firewall-1 NG FP1
- Check Point Firewall-1 NG FP2
- Check Point Firewall-1 NG FP3, HF2
- Check Point Firewall-1 NG with Application Intelligence R54
- Check Point Firewall-1 NG with Application Intelligence R55
The vulnerability lies in the Application Intelligence (AI) component of Check Point Firewall-1: a proxy that analyzes traffic to detect application level attacks, and in HTTP Security Server, the component with similar
functions in earlier versions. The problem is caused when AI or HTTP Security Server scan HTTP traffic, and can be exploited by an attacker through a specially crafted invalid HTTP request. When the firewall receives the request, it generates an error message which could cause the buffer overflow.
Check Point has released -at
http://www.checkpoint.com/techsupport/alerts/security_server.html - an update which corrects the vulnerability.

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic