Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 20/03/2008 Updated: 08/08/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint.

Vulnerable Product	Search on Vulmon	Subscribe to Product
checkpoint check point vpn-1 pro ngx_r62_ga
checkpoint vpn-1 ngx_r60
checkpoint vpn-1 firewall-1 ng_ai_r55
checkpoint vpn-1 power utm ngx_r65_with_messaging_security
checkpoint vpn-1 power utm with ngx r65
checkpoint check point vpn-1 pro ngx_r61

CWE-264 http://www.puresecurity.com.au/files/PureSecurity%20VPN-1%20DoS_Spoofing%20Attack%20against%20VPN%20tunnels.pdf https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk34579 http://www.kb.cert.org/vuls/id/992585 http://www.securityfocus.com/bid/28299 http://secunia.com/advisories/29394 http://puresecurity.com.au/index.php?action=fullnews&id=5 http://www.securitytracker.com/id?1019666 http://www.vupen.com/english/advisories/2008/0953/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41260 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1397

Vulnerability Summary

References

Vulmon Search

About

Products

Connect