CVE-2009-1227 – Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow

https://notcve.org/view.php?id=CVE-2009-1227

NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP header to TCP port 18624. NOTE: the vendor has disputed this issue, stating "Check Point Security Alert Team has analyzed this report. We've tried to reproduce the attack on all VPN-1 versions from NG FP2 and above with and without HFAs. The issue was not reproduced. • https://www.exploit-db.com/exploits/8313 http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0463.html http://www.securityfocus.com/archive/1/502256/100/0/threaded http://www.securityfocus.com/bid/34286 http://www.securitytracker.com/id?1021948 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •