Support Center > Search Results > SecureKnowledge Details
Check Point response to OpenSSL vulnerability CVE-2006-3738 Technical Level
Symptoms
  • Check Point products are not vulnerable to OpenSSL SSL_get_shared_ciphers() buffer overflow (CVE-2006-3738).
Solution

A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function (See OpenSSL Security Advisory ). Vulnerability exists in OpenSSL versions 0.9.7 - 0.9.7k, 0.9.8 - 0.9.8c, and earlier versions.

By sending a very long list of ciphers to an application that uses the vulnerable function, a remote attacker could overflow a buffer and execute arbitrary code on the system, or cause the application to crash.

All Check Point products and versions do not use the vulnerable function; therefore vulnerability CVE-2006-3738 does not affect Check Point product-code.

This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment