Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2001-1303
The default configuration of SecuRemote for Check Point Firewall-1 allows remote malicious users to obtain sensitive configuration information for the protected network without authentication.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2001-1158
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote malicious users to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.1 Build 41439
4
CVSSv2
CVE-2014-1672
Check Point R75.47 Security Gateway and Management Server does not properly enforce Anti-Spoofing when the routing table is modified and the "Get - Interfaces with Topology" action is performed, which allows malicious users to bypass intended access restrictions.
Checkpoint Security Gateway R75.47
Checkpoint Management Server R75.47
5
CVSSv2
CVE-2008-5849
Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote malicious users to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response contain...
Checkpoint Vpn-1 R55
Checkpoint Vpn-1 R65
5
CVSSv2
CVE-2000-1032
The client authentication interface for Check Point Firewall-1 4.0 and previous versions generates different error messages for invalid usernames versus invalid passwords, which allows remote malicious users to identify valid usernames on the firewall.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.1
CVSSv2
CVE-2014-8950
Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote malicious users to cause a denial of service (crash) via vectors involving an HTTPS request.
Checkpoint Security Gateway R77
Checkpoint Security Gateway R77.10
4.3
CVSSv2
CVE-2019-8456
Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
Checkpoint Ipsec Vpn R80.10
Checkpoint Ipsec Vpn R80.20
5
CVSSv2
CVE-2003-0757
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote malicious users to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
1 EDB exploit
4.9
CVSSv2
CVE-2002-2405
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote malicious users to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 Ng
5
CVSSv2
CVE-1999-0675
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »