Total
43 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0940 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | |||||
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
CVE-2001-0082 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. | |||||
CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | |||||
CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | |||||
CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
CVE-2000-0813 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass." | |||||
CVE-2000-0809 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. | |||||
CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | |||||
CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
CVE-2000-0806 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." | |||||
CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | |||||
CVE-2000-0804 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass." | |||||
CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. | |||||
CVE-2000-0582 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy. | |||||
CVE-2000-0482 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets. | |||||
CVE-2000-0181 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 5.0 MEDIUM | N/A |
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. | |||||
CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2024-11-20 | 7.5 HIGH | N/A |
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | |||||
CVE-1999-1204 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | 7.5 HIGH | N/A |
Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. |