The bounds check for the rhostname was improperly constructed in the EAP request and response functions, which could allow a buffer overflow to occur.
A system that is configured to connect to a malicious server is exposed to this vulnerability.
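The following added example is not code from the affected product. It is a simplified C model of this class of bug: a length check that compares the wrong quantities, next to a hardened copy. The 256-byte buffer size, the function names, and the exact form of the flawed condition are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RHOSTNAME_MAX 256 /* assumed size of the fixed rhostname buffer */

/* Model of the flawed check (hypothetical helper): returns how many bytes
 * the copy would write, NUL included, without performing the write.
 * len = bytes left in the EAP payload, vallen = length of the value field
 * that precedes the name. The condition compares the wrong quantities, so
 * the trim branch is unreachable whenever vallen <= len. */
size_t flawed_write_size(size_t len, size_t vallen)
{
    if (vallen >= len + RHOSTNAME_MAX)
        return RHOSTNAME_MAX;          /* trimmed copy */
    return (len - vallen) + 1;         /* untrimmed copy of the remainder */
}

/* Hardened copy (hypothetical helper): bounds the name length itself.
 * Returns bytes written including NUL, or -1 for a malformed packet. */
int copy_rhostname(char dst[RHOSTNAME_MAX], const unsigned char *pkt,
                   size_t len, size_t vallen)
{
    size_t namelen;

    if (pkt == NULL || vallen > len)
        return -1;                     /* value field overruns the payload */
    namelen = len - vallen;
    if (namelen >= RHOSTNAME_MAX)
        namelen = RHOSTNAME_MAX - 1;   /* trim, leaving room for the NUL */
    memcpy(dst, pkt + vallen, namelen);
    dst[namelen] = '\0';
    return (int)namelen + 1;
}

int main(void)
{
    unsigned char pkt[1000];           /* constructed sample payload */
    char rhostname[RHOSTNAME_MAX];

    memset(pkt, 'A', sizeof pkt);
    printf("flawed check would write %zu bytes into a %d-byte buffer\n",
           flawed_write_size(sizeof pkt, 16), RHOSTNAME_MAX);
    printf("hardened copy writes %d bytes\n",
           copy_rhostname(rhostname, pkt, sizeof pkt, 16));
    return 0;
}
```

The point of the comparison is that the hardened version checks the quantity that is actually copied (`len - vallen`) against the destination size, and rejects packets whose value field is longer than the payload.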
This problem was fixed. For Gaia OS, the fix is included in:
For Gaia Embedded, this problem was fixed for the 1500 appliance. This fix is included in:
For other appliances and versions, contact Check Point Support to get a Hotfix for this issue.
- PMTR-50836, SMB-11853, PRJ-10805, PRJ-10197