Vigil@nce - Check Point Security Gateway: denial of service via SYN Flood
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the Check Point Security Gateway firewall receives more than
120 000 TCP SYN packets per second, it consumes a large amount of
CPU resources.
Impacted products: CheckPoint Security Gateway, VPN-1
Severity: 1/4
Creation date: 24/10/2012
DESCRIPTION OF THE VULNERABILITY
The SYN flag of the TCP protocol is used to initialize sessions.
When the Check Point Security Gateway firewall receives more than
120 000 TCP SYN packets per second, it consumes a large amount of
CPU resources.
This denial of service is not caused by a vulnerability, but Check
Point offers methods/patches to optimize performance.
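The following is an added example, not part of the Vigil@nce bulletin or of any Check Point material: a monitoring sketch that measures the peak rate of connection-opening SYN packets in a capture and compares it with the bulletin's figure of 120 000 per second. It assumes text output from `tcpdump -tt -n`; the function names and the sliding one-second window are choices made for this example.

```python
import re
from collections import deque

# Threshold taken from the bulletin: more than 120 000 SYN packets per second.
SYN_PER_SECOND_LIMIT = 120_000

# Matches `tcpdump -tt -n` lines (assumed input format). Only a bare SYN
# ("Flags [S]") is counted; a SYN-ACK ("Flags [S.]") is a reply and is ignored.
LINE_RE = re.compile(r"^(?P<ts>\d+\.\d+) IP6? \S+ > \S+: Flags \[S\],")


def syn_timestamps(lines):
    """Yield the capture timestamp of each connection-opening SYN."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield float(m.group("ts"))


def peak_syn_rate(lines, window=1.0):
    """Return the largest number of SYNs seen in any sliding `window` seconds.

    A sliding window is used instead of fixed one-second buckets so that a
    burst straddling a second boundary is not split in two and undercounted.
    Input must be in capture (time) order, as tcpdump writes it.
    """
    recent = deque()
    peak = 0
    for ts in syn_timestamps(lines):
        recent.append(ts)
        # Drop SYNs that fell out of the window ending at this packet.
        while recent[0] <= ts - window:
            recent.popleft()
        peak = max(peak, len(recent))
    return peak


def exceeds_limit(lines, limit=SYN_PER_SECOND_LIMIT):
    """True when the peak SYN rate is above the bulletin's figure."""
    return peak_syn_rate(lines) > limit
```
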
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Check-Point-Security-Gateway-denial-of-service-via-SYN-Flood-12090