checkpoint vpn-1 firewall-1 4.1 vulnerabilities and exploits

(subscribe to this query)

10

CVSSv2

Stack-based buffer overflow in Check Point VPN-1 Server 4.1 up to and including 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 up to and including 4.1 build 4200 allows remote malicious users to execute arbitrary code via an ISAKMP packet with a large Certificate Request pac...

Checkpoint Firewall-1 4.1 Checkpoint Vpn-1 Next Generation Fp0 Checkpoint Vpn-1 Next Generation Fp1 Checkpoint Firewall-1 Next Generation Fp1 Checkpoint Vpn-1 4.1 Checkpoint Firewall-1 Next Generation Fp0

5

CVSSv2

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote malicious users to determine valid usernames by (1) monitoring respon...

Checkpoint Vpn-1 Firewall-1 4.0 Checkpoint Vpn-1 Firewall-1 4.1

7.5

CVSSv2

Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote malicious users to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.

Checkpoint Firewall-1 4.1 Checkpoint Vpn-1

7.5

CVSSv2

Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.

Checkpoint Firewall-1 4.1 Checkpoint Vpn-1 4.1 Checkpoint Provider-1 4.1

5

CVSSv2

Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewr...

Checkpoint Vpn-1 4.1 Checkpoint Firewall-1 4.1 Nokia Firewall Appliance Ipso 3.41 Nokia Firewall Appliance Ipso 3.3 Nokia Firewall Appliance Ipso 3.4

7.5

CVSSv2

The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to spoof connections, aka the "OPSEC Authentication Vulnerability."

Checkpoint Firewall-1 3.0 Checkpoint Firewall-1 4.0 Checkpoint Firewall-1 4.1

7.5

CVSSv2

Check Point VPN-1/FireWall-1 4.1 and previous versions improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."

Checkpoint Firewall-1 3.0 Checkpoint Firewall-1 4.0 Checkpoint Firewall-1 4.1

5

CVSSv2

The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and previous versions may allow remote malicious users to conduct a denial of service, aka "Inter-module Communications Bypass."

Checkpoint Firewall-1 4.1 Checkpoint Firewall-1 3.0 Checkpoint Firewall-1 4.0

5

CVSSv2

Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to cause a denial of service.

Checkpoint Firewall-1 3.0 Checkpoint Firewall-1 4.0 Checkpoint Firewall-1 4.1

7.5

CVSSv2

Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."

Checkpoint Firewall-1 4.1 Checkpoint Firewall-1 3.0 Checkpoint Firewall-1 4.0

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook