Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firewall vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0220
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and previous versions allows remote malicious users to execute arbitrary code via a handshake packet.
Kerio Personal Firewall 2 2.1
Kerio Personal Firewall 2 2.1.1
Kerio Personal Firewall 2 2.1.2
Kerio Personal Firewall 2 2.1.3
Kerio Personal Firewall 2 2.1.4
5 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2003-0219
Kerio Personal Firewall (KPF) 2.1.4 and previous versions allows remote malicious users to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server.
Kerio Personal Firewall 2 2.1
Kerio Personal Firewall 2 2.1.1
Kerio Personal Firewall 2 2.1.2
Kerio Personal Firewall 2 2.1.3
Kerio Personal Firewall 2 2.1.4
2.1
CVSSv2
CVE-2004-1022
Kerio Winroute Firewall prior to 6.0.7, ServerFirewall prior to 1.0.1, and MailServer prior to 6.0.5 use symmetric encryption for user passwords, which allows malicious users to decrypt the user database and obtain the passwords by extracting the secret key from within the softwa...
Kerio Kerio Mailserver 5.6.4
Kerio Kerio Mailserver 5.6.5
Kerio Kerio Mailserver 5.7.6
Kerio Kerio Mailserver 5.7.7
Kerio Kerio Mailserver 6.0.4
Kerio Serverfirewall 1.0
Kerio Winroute Firewall 5.0.7
Kerio Winroute Firewall 5.0.8
Kerio Winroute Firewall 5.1.5
Kerio Winroute Firewall 5.1.6
Kerio Winroute Firewall 6.0.2
Kerio Winroute Firewall 6.0.3
Kerio Kerio Mailserver 5.0
Kerio Kerio Mailserver 5.1
Kerio Kerio Mailserver 5.7.10
Kerio Kerio Mailserver 5.7.2
Kerio Kerio Mailserver 5.1.1
Kerio Kerio Mailserver 5.6.3
Kerio Kerio Mailserver 5.7.4
Kerio Kerio Mailserver 5.7.5
Kerio Kerio Mailserver 6.0.2
Kerio Kerio Mailserver 6.0.3
6.4
CVSSv2
CVE-2002-2139
Cisco PIX Firewall 6.0.3 and previous versions, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
Cisco Pix Firewall Software 6.1
Cisco Pix Firewall Software 6.1\\(2\\)
Cisco Pix Firewall Software 6.1\\(3\\)
Cisco Pix Firewall Software 6.0
Cisco Pix Firewall Software 6.0\\(2\\)
Cisco Pix Firewall Software 6.0\\(1\\)
Cisco Pix Firewall Software 6.0\\(3\\)
6.4
CVSSv2
CVE-2001-1101
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b up to and including 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log'...
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
6.2
CVSSv2
CVE-2001-1102
Check Point FireWall-1 3.0b up to and including 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.5
CVSSv2
CVE-2000-0779
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote malicious users to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
7.5
CVSSv2
CVE-2000-0804
Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.5
CVSSv2
CVE-2000-0805
Check Point VPN-1/FireWall-1 4.1 and previous versions improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
7.5
CVSSv2
CVE-2000-0807
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and previous versions allows remote malicious users to spoof connections, aka the "OPSEC Authentication Vulnerability."
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »