Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint firewall-1 4.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-1037
Check Point Firewall-1 session agent 3.0 up to and including 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote malicious users to determine valid usernames and guess a password via a brute force attack.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
2 EDB exploits
7.5
CVSSv2
CVE-2000-0779
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote malicious users to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
7.5
CVSSv2
CVE-2000-0804
Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.5
CVSSv2
CVE-2000-0805
Check Point VPN-1/FireWall-1 4.1 and previous versions improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
5
CVSSv2
CVE-2000-0806
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and previous versions may allow remote malicious users to conduct a denial of service, aka "Inter-module Communications Bypass."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.5
CVSSv2
CVE-2000-0807
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to spoof connections, aka the "OPSEC Authentication Vulnerability."
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
7.5
CVSSv2
CVE-2000-0808
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
5
CVSSv2
CVE-2000-0809
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to cause a denial of service.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
5
CVSSv2
CVE-2000-0813
Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.8
CVSSv2
CVE-2004-2679
Check Point Firewall-1 4.1 up to NG AI R55 allows remote malicious users to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 R55
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »