{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VPN-1/FireWall-1 NG FP3 ASN.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VPN-1/FireWall-1 NG avec Application Intelligence R55W et R55 ASN.1;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VPN-1 SecuRemote/SecuClient NG avec Application Intelligence ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Provider-1 NG avec Application Intelligence R54 et R55 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"SSL Network Extender ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VPN-1/FireWall-1 VSX 2.0.1 ASN.1.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"FireWall-1 GX 2.0 et 2.5 ASN.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VPN-1/FireWall-1 VSX NG avec Application Intelligence ASN.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VPN-1/FireWall-1 NG avec Application Intelligence R54 et R55 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\n`IKE` (`Internet Key Exchange`) est un syst\u00e8me utilis\u00e9 pour la\nn\u00e9gociation et l'\u00e9change de cl\u00e9s dans l'\u00e9tablissement d'un tunnel\nchiffr\u00e9 de type VPN. Celui-ci utilise le protocole `ISAKMP`\n(`Internet Security  Association`  \n`and Key Management Protocol`) pour la gestion des cl\u00e9s.  \n`ASN.1` (`Abstract Syntax Notation`) est un langage standardis\u00e9 servant\na encoder des informations pour la communication entre des syst\u00e8mes\nh\u00e9t\u00e9rog\u00e8nes. Il est utilis\u00e9 par le protocole `ISAKMP`.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans CheckPoint VPN-1 permet \u00e0 un utilisateur\nmal intentionn\u00e9 d'ex\u00e9cuter du code arbitraire lors de de l'\u00e9tablissement\nd'une connexion chiffr\u00e9e d'un client \u00e0 un r\u00e9seau priv\u00e9 virtuel (VPN).\n\n## Solution\n\nAppliquer le correctif fourni par CheckPoint selon la version affect\u00e9e\n(cf. Documentation).\n","cves":[],"links":[{"title":"Alerte de s\u00e9curit\u00e9 CheckPoint du 28 juillet 2004 :","url":"http://www.checkpoint.com/techsupport/alerts/asn1.html"}],"reference":"CERTA-2004-AVI-258","revisions":[{"description":"version initiale.","revision_date":"2004-07-29T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le serveur CheckPoint VPN-1.\n","title":"Vuln\u00e9rabilit\u00e9 dans Checkpoint VPN-1 ASN.1","vendor_advisories":[{"published_at":null,"title":"Alerte de s\u00e9curit\u00e9 Checkpoint du 28 juillet 2004","url":null}]}