A Stateful Inspection of FireWall-1 – In this advisory we summarize our findings from BlackHat 2000 on Checkpoint Firewall-1. It is susceptible to several trivial attacks against its inter-module authentication protocols, IP address verification has flaws, FWN1 and FWA1 is vulnerable to a replay attack, Fastmode vulnerabilities, FWZ Encapsulation vulnerabilities, and Stateful Inspection problems, and much more. Included in the tarball is the presentation in two formats, the technical documentation for the vulnerabilities, and the source code used in the demonstation.
You can download it from the following link: https://packetstormsecurity.com/files/download/22939/blackhat-fw1.tgz
Source: https://packetstormsecurity.com/files/22939/blackhat-fw1.tgz.html