A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function (See OpenSSL Security Advisory ). Vulnerability exists in OpenSSL versions 0.9.7 - 0.9.7k, 0.9.8 - 0.9.8c, and earlier versions.
By sending a very long list of ciphers to an application that uses the vulnerable function, a remote attacker could overflow a buffer and execute arbitrary code on the system, or cause the application to crash.
All Check Point products and versions do not use the vulnerable function; therefore vulnerability CVE-2006-3738 does not affect Check Point product-code.
|
This solution is about products that are no longer supported and it will not be updated
|