Check Point FireWall-1 Unauthorized RSH/REXEC Connection
Remote / Network Access
Loss of Integrity
FireWall-1 contains a flaw that may allow an attacker to bypass the rulesets controlling RSH/REXEC access. The issue is due to the firewall rulesets not properly validating all RSH/REXEC connections. If an attacker uses a specially formatted connection, they may be able to connect to any internal host.
Upgrade to version 4.0 SP7, 4.1 SP2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.