With FireWall-1 Version 4.0 Checkpoint introduced support for the Lightweight Directory Access Protocol (LDAP) for user authentication. It looks like there's a bug in Checkpoint's ldap code which under certain circumstances can lead to unauthorized access to protected systems behind the firewall.
2f81200bc55676da2428f3831cedb8e4b15c6bd29aae46ce2333a5340e0d9e94