VYPR

Firewall 1

by Checkpoint

CVEs (45)

  • CVE-2004-0079HigNov 23, 2004
    risk 0.50cvss 7.5epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2009-1227Apr 2, 2009
    risk 0.04cvss epss 0.07

    NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP…

  • CVE-2002-1623Dec 31, 2002
    risk 0.04cvss epss 0.49

    The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses…

  • CVE-2001-1303Jul 18, 2001
    risk 0.04cvss epss 0.09

    The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication.

  • CVE-2000-0582Jun 30, 2000
    risk 0.04cvss epss 0.07

    Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.

  • CVE-2000-0482Jun 6, 2000
    risk 0.04cvss epss 0.06

    Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.

  • CVE-2003-0757Oct 20, 2003
    risk 0.03cvss epss 0.03

    Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.

  • CVE-2001-0082Feb 12, 2001
    risk 0.03cvss epss 0.02

    Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.

  • CVE-2000-1037Dec 11, 2000
    risk 0.03cvss epss 0.03

    Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.

  • CVE-2000-0116Jan 29, 2000
    risk 0.03cvss epss 0.02

    Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.

  • CVE-1999-0770Jul 29, 1999
    risk 0.03cvss epss 0.01

    Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.

  • CVE-2004-0112Nov 23, 2004
    risk 0.01cvss epss 0.10

    The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake…

  • CVE-2004-0081Nov 23, 2004
    risk 0.01cvss epss 0.07

    OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

  • CVE-2004-0039Mar 3, 2004
    risk 0.01cvss epss 0.09

    Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP…

  • CVE-2004-0040Mar 3, 2004
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.

  • CVE-2006-3885Jul 27, 2006
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.

  • CVE-2005-3673Nov 18, 2005
    risk 0.00cvss epss 0.05

    The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory,…

  • CVE-2004-2679Dec 31, 2004
    risk 0.00cvss epss 0.01

    Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.

  • CVE-2004-0699Sep 28, 2004
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.

  • CVE-2004-0469Jul 7, 2004
    risk 0.00cvss epss 0.05

    Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel…

Page 1 of 3