FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5966
http://www.securityfocus.com/bid/2238
http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html