Filtered by vendor Checkpoint
Subscribe
Total
112 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0804 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass." | |||||
CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | |||||
CVE-2000-0806 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 5.0 MEDIUM | N/A |
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." | |||||
CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 7.5 HIGH | N/A |
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
CVE-2000-0809 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 5.0 MEDIUM | N/A |
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. | |||||
CVE-2000-0813 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 5.0 MEDIUM | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass." | |||||
CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 5.0 MEDIUM | N/A |
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 5.0 MEDIUM | N/A |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
CVE-2001-0940 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 7.5 HIGH | N/A |
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | |||||
CVE-2014-8951 | 1 Checkpoint | 1 Security Gateway | 2017-09-07 | 7.1 HIGH | N/A |
Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the (1) Application Control, (2) URL Filtering, (3) DLP, (4) Threat Emulation, (5) Anti-Bot, or (6) Anti-Virus blade is used, allows remote attackers to cause a denial of service (fwk0 process crash, core dump, and restart) via a redirect to the UserCheck page. | |||||
CVE-2014-8952 | 1 Checkpoint | 1 Security Gateway | 2017-09-07 | 7.1 HIGH | N/A |
Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identify Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ("stability issue") via an unspecified "traffic condition." | |||||
CVE-2014-8950 | 1 Checkpoint | 1 Security Gateway | 2017-09-07 | 7.1 HIGH | N/A |
Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote attackers to cause a denial of service (crash) via vectors involving an HTTPS request. | |||||
CVE-2013-7304 | 1 Checkpoint | 1 Endpoint Security Mi Server R73 | 2017-08-28 | 4.3 MEDIUM | N/A |
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client. | |||||
CVE-2014-1673 | 1 Checkpoint | 1 Session Authentication Agent | 2017-08-28 | 5.0 MEDIUM | N/A |
Check Point Session Authentication Agent allows remote attackers to obtain sensitive information (user credentials) via unspecified vectors. | |||||
CVE-2011-2664 | 1 Checkpoint | 1 Multi-domain Management\/provider-1 | 2017-08-28 | 3.6 LOW | N/A |
Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors. | |||||
CVE-2008-5849 | 1 Checkpoint | 1 Vpn-1 | 2017-08-07 | 5.0 MEDIUM | N/A |
Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. | |||||
CVE-2008-5994 | 1 Checkpoint | 1 Connectra Ngx | 2017-08-07 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-1397 | 1 Checkpoint | 5 Check Point Vpn-1 Pro, Vpn-1, Vpn-1 Firewall-1 and 2 more | 2017-08-07 | 6.5 MEDIUM | N/A |
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. | |||||
CVE-2004-2679 | 1 Checkpoint | 1 Firewall-1 | 2017-07-28 | 7.8 HIGH | N/A |
Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | |||||
CVE-2005-2932 | 1 Checkpoint | 2 Zonealarm, Zonealarm Security Suite | 2017-07-10 | 7.2 HIGH | N/A |
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. |