Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint firewall-1 ng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2405
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote malicious users to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 Ng
NA
CVE-2004-0469
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote malicious users to execute arbitrary code during VPN tunnel neg...
Checkpoint Next Generation
Checkpoint Vpn-1 Vsx Ng With Application Intelligence
Checkpoint Vpn-1 Vsx 2.0.1
Checkpoint Ng-ai R54
Checkpoint Firewall-1 2.0
Checkpoint Ng-ai R55
Checkpoint Firewall-1
Checkpoint Firewall-1 2.0.1
NA
CVE-2004-2679
Check Point Firewall-1 4.1 up to NG AI R55 allows remote malicious users to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 R55
NA
CVE-2004-0699
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote malicious users to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Checkpoint Firewall-1 4.1
Checkpoint Vpn-1
NA
CVE-2004-0039
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote malicious users to execute arbitrary code via HTTP ...
Checkpoint Firewall-1
NA
CVE-2008-1397
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one...
Checkpoint Vpn-1 Power Utm With Ngx R65
Checkpoint Check Point Vpn-1 Pro Ngx R61
Checkpoint Vpn-1 Ngx R60
Checkpoint Vpn-1 Power Utm Ngx R65 With Messaging Security
Checkpoint Vpn-1 Firewall-1 Ng Ai R55
Checkpoint Check Point Vpn-1 Pro Ngx R62 Ga
NA
CVE-2009-1227
NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HT...
Checkpoint Firewall-1 Pki Web Service -
1 EDB exploit
NA
CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshak...
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
7.5
CVSSv3
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
NA
CVE-2004-0081
OpenSSL 0.9.6 prior to 0.9.6d does not properly handle unknown message types, which allows remote malicious users to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started