Check Point Firewall-1 session agent 3.0 up to and including 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote malicious users to determine valid usernames and guess a password via a brute force attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
checkpoint firewall-1 3.0 |
||
checkpoint firewall-1 4.0 |
||
checkpoint firewall-1 4.1 |