Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint firewall-1 4.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2000-0813
Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
668
VMScore
CVE-2000-0805
Check Point VPN-1/FireWall-1 4.1 and previous versions improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
694
VMScore
CVE-2004-2679
Check Point Firewall-1 4.1 up to NG AI R55 allows remote malicious users to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 R55
668
VMScore
CVE-2001-0940
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote malicious users to execute arbitrary code via a long user name.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
215
VMScore
CVE-1999-0770
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an malicious user to conduct a denial of service via a large number of connection attempts to unresponsive systems.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 3.0
1 EDB exploit
445
VMScore
CVE-1999-0675
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 3.0
445
VMScore
CVE-2000-1032
The client authentication interface for Check Point Firewall-1 4.0 and previous versions generates different error messages for invalid usernames versus invalid passwords, which allows remote malicious users to identify valid usernames on the firewall.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
505
VMScore
CVE-2001-1303
The default configuration of SecuRemote for Check Point Firewall-1 allows remote malicious users to obtain sensitive configuration information for the protected network without authentication.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.0
1 EDB exploit
505
VMScore
CVE-2000-0582
Check Point FireWall-1 4.0 and 4.1 allows remote malicious users to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.0
1 EDB exploit
505
VMScore
CVE-2003-0757
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote malicious users to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »