Vulnerabilites related to checkpoint - firewall-1
CVE-2001-1176 (GCVE-0-2001-1176)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3021",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3021"
},
{
"name": "fw1-management-format-string(6849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6849"
},
{
"name": "1901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/format_strings.html"
},
{
"name": "20010712 VPN-1/FireWall-1 Format Strings Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3021",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3021"
},
{
"name": "fw1-management-format-string(6849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6849"
},
{
"name": "1901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/format_strings.html"
},
{
"name": "20010712 VPN-1/FireWall-1 Format Strings Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3021"
},
{
"name": "fw1-management-format-string(6849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6849"
},
{
"name": "1901",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1901"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/format_strings.html",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/format_strings.html"
},
{
"name": "20010712 VPN-1/FireWall-1 Format Strings Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1176",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:08.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0699 (GCVE-0-2004-0699)
Vulnerability from cvelistv5
Published
2004-09-14 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
},
{
"name": "1010799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/Jul/1010799.html"
},
{
"name": "VU#435358",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/435358"
},
{
"name": "8290",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=8290"
},
{
"name": "10820",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10820"
},
{
"name": "12177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12177/"
},
{
"name": "20040728 Check Point VPN-1 ASN.1 Decoding Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/178"
},
{
"name": "O-190",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-190.shtml"
},
{
"name": "vpn1-asn1-decoding-bo(16824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16824"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
},
{
"name": "1010799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/Jul/1010799.html"
},
{
"name": "VU#435358",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/435358"
},
{
"name": "8290",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=8290"
},
{
"name": "10820",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10820"
},
{
"name": "12177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12177/"
},
{
"name": "20040728 Check Point VPN-1 ASN.1 Decoding Remote Compromise",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/178"
},
{
"name": "O-190",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-190.shtml"
},
{
"name": "vpn1-asn1-decoding-bo(16824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16824"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/asn1.html",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
},
{
"name": "1010799",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/Jul/1010799.html"
},
{
"name": "VU#435358",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/435358"
},
{
"name": "8290",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=8290"
},
{
"name": "10820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10820"
},
{
"name": "12177",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12177/"
},
{
"name": "20040728 Check Point VPN-1 ASN.1 Decoding Remote Compromise",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/178"
},
{
"name": "O-190",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-190.shtml"
},
{
"name": "vpn1-asn1-decoding-bo(16824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16824"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0699",
"datePublished": "2004-09-14T04:00:00",
"dateReserved": "2004-07-15T00:00:00",
"dateUpdated": "2024-08-08T00:24:27.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0770 (GCVE-0-1999-0770)
Vulnerability from cvelistv5
Published
2000-01-18 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1027"
},
{
"name": "549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1027",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1027"
},
{
"name": "549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1027"
},
{
"name": "549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0770",
"datePublished": "2000-01-18T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1201 (GCVE-0-2000-1201)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000707 Re: CheckPoint FW1 BUG",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2001-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000707 Re: CheckPoint FW1 BUG",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000707 Re: CheckPoint FW1 BUG",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1201",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0582 (GCVE-0-2000-0582)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security"
},
{
"name": "1438",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1438"
},
{
"name": "1416",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1416"
},
{
"name": "20000630 SecureXpert Advisory [SX-20000620-3]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security"
},
{
"name": "1438",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1438"
},
{
"name": "1416",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1416"
},
{
"name": "20000630 SecureXpert Advisory [SX-20000620-3]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0582",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security"
},
{
"name": "1438",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1438"
},
{
"name": "1416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1416"
},
{
"name": "20000630 SecureXpert Advisory [SX-20000620-3]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000630162106.4619C-100000@fjord.fscinternet.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0582",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-19T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1032 (GCVE-0-2000-1032)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001101 Re: Samba 2.0.7 SWAT vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"name": "fw1-login-response(5816)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
},
{
"name": "1632",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1632"
},
{
"name": "1890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001101 Re: Samba 2.0.7 SWAT vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"name": "fw1-login-response(5816)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
},
{
"name": "1632",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1632"
},
{
"name": "1890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1890"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001101 Re: Samba 2.0.7 SWAT vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"name": "fw1-login-response(5816)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
},
{
"name": "1632",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1632"
},
{
"name": "1890",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1890"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1032",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0482 (GCVE-0-2000-0482)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000605 FW-1 IP Fragmentation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html"
},
{
"name": "fw1-packet-fragment-dos(4609)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4609"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation"
},
{
"name": "1312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1312"
},
{
"name": "1379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000605 FW-1 IP Fragmentation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html"
},
{
"name": "fw1-packet-fragment-dos(4609)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4609"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation"
},
{
"name": "1312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1312"
},
{
"name": "1379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1379"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000605 FW-1 IP Fragmentation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html"
},
{
"name": "fw1-packet-fragment-dos(4609)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4609"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation"
},
{
"name": "1312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1312"
},
{
"name": "1379",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1379"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0482",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0181 (GCVE-0-2000-0181)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1054",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1054"
},
{
"name": "20000311 Our old friend Firewall-1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html"
},
{
"name": "1256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1054",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1054"
},
{
"name": "20000311 Our old friend Firewall-1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html"
},
{
"name": "1256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1054"
},
{
"name": "20000311 Our old friend Firewall-1",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html"
},
{
"name": "1256",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0181",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0150 (GCVE-0-2000-0150)
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "4417",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4417"
},
{
"name": "979",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client\u0027s PASV attempt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "4417",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4417"
},
{
"name": "979",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client\u0027s PASV attempt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#328867",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "4417",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4417"
},
{
"name": "979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0150",
"datePublished": "2000-03-22T05:00:00",
"dateReserved": "2000-02-16T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0940 (GCVE-0-2001-0940)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1951",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1951"
},
{
"name": "20010919 GUI Buffer Overflow",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"name": "20010919 Check Point FireWall-1 GUI Log Viewer vulnerability (vuldb 3336)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"name": "3336",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3336"
},
{
"name": "fw1-log-viewer-bo(7145)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
},
{
"name": "20011130 Fw: Firewall-1 remote SYSTEM shell buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"name": "20010921 Check Point FireWall-1 GUI Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_WIN2KSEC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"name": "20011128 Firewall-1 remote SYSTEM shell buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1951",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1951"
},
{
"name": "20010919 GUI Buffer Overflow",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT"
],
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"name": "20010919 Check Point FireWall-1 GUI Log Viewer vulnerability (vuldb 3336)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"name": "3336",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3336"
},
{
"name": "fw1-log-viewer-bo(7145)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
},
{
"name": "20011130 Fw: Firewall-1 remote SYSTEM shell buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"name": "20010921 Check Point FireWall-1 GUI Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_WIN2KSEC"
],
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"name": "20011128 Firewall-1 remote SYSTEM shell buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1951",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1951"
},
{
"name": "20010919 GUI Buffer Overflow",
"refsource": "CHECKPOINT",
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"name": "20010919 Check Point FireWall-1 GUI Log Viewer vulnerability (vuldb 3336)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"name": "3336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3336"
},
{
"name": "fw1-log-viewer-bo(7145)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
},
{
"name": "20011130 Fw: Firewall-1 remote SYSTEM shell buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"name": "20010921 Check Point FireWall-1 GUI Buffer Overflow",
"refsource": "WIN2KSEC",
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"name": "20011128 Firewall-1 remote SYSTEM shell buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0940",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1431 (GCVE-0-2001-1431)
Vulnerability from cvelistv5
Published
2005-03-24 05:00
Modified
2024-08-08 04:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.030Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "nokia-cp-packet-retransmission(8293)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8293"
},
{
"name": "VU#258731",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/258731"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "nokia-cp-packet-retransmission(8293)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8293"
},
{
"name": "VU#258731",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/258731"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "nokia-cp-packet-retransmission(8293)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8293"
},
{
"name": "VU#258731",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/258731"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1431",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-03-24T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0779 (GCVE-0-2000-0779)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr"
},
{
"name": "1534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1534"
},
{
"name": "1487",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr"
},
{
"name": "1534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1534"
},
{
"name": "1487",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr"
},
{
"name": "1534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1534"
},
{
"name": "1487",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0779",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1303 (GCVE-0-2001-1303)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:07.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3058",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3058"
},
{
"name": "20010718 Firewall-1 Information leak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/197566"
},
{
"name": "fw1-securemote-gain-information(6857)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6857"
},
{
"name": "588",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-05-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3058",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3058"
},
{
"name": "20010718 Firewall-1 Information leak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/197566"
},
{
"name": "fw1-securemote-gain-information(6857)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6857"
},
{
"name": "588",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3058",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3058"
},
{
"name": "20010718 Firewall-1 Information leak",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/197566"
},
{
"name": "fw1-securemote-gain-information(6857)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6857"
},
{
"name": "588",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1303",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:07.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2679 (GCVE-0-2004-2679)
Vulnerability from cvelistv5
Published
2007-02-27 02:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040616 Checkpoint Firewall-1 IKE Vendor ID information leakage",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html"
},
{
"name": "fw1-vendorid-info-disclosure(16434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16434"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/checkpoint2004/index.htm"
},
{
"name": "10558",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040616 Checkpoint Firewall-1 IKE Vendor ID information leakage",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html"
},
{
"name": "fw1-vendorid-info-disclosure(16434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16434"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/checkpoint2004/index.htm"
},
{
"name": "10558",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040616 Checkpoint Firewall-1 IKE Vendor ID information leakage",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html"
},
{
"name": "fw1-vendorid-info-disclosure(16434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16434"
},
{
"name": "http://www.nta-monitor.com/news/checkpoint2004/index.htm",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/checkpoint2004/index.htm"
},
{
"name": "10558",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2679",
"datePublished": "2007-02-27T02:00:00",
"dateReserved": "2007-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0040 (GCVE-0-2004-0040)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "VU#873334",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"name": "9582",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9582"
},
{
"name": "4432",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4432"
},
{
"name": "vpn1-ike-bo(14150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
},
{
"name": "O-073",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"name": "3821",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3821"
},
{
"name": "20040204 Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "VU#873334",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"name": "9582",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9582"
},
{
"name": "4432",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4432"
},
{
"name": "vpn1-ike-bo(14150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
},
{
"name": "O-073",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"name": "3821",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3821"
},
{
"name": "20040204 Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "VU#873334",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"name": "9582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9582"
},
{
"name": "4432",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4432"
},
{
"name": "vpn1-ike-bo(14150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
},
{
"name": "O-073",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"name": "3821",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3821"
},
{
"name": "20040204 Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0040",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0808 (GCVE-0-2000-0808)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fw1-localhost-auth(5137)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137"
},
{
"name": "4421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4421"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka \"One-time (s/key) Password Authentication.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fw1-localhost-auth(5137)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137"
},
{
"name": "4421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4421"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka \"One-time (s/key) Password Authentication.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fw1-localhost-auth(5137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137"
},
{
"name": "4421",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4421"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0808",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0804 (GCVE-0-2000-0804)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4419",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4419"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection"
},
{
"name": "fw1-remote-bypass(5468)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka \"One-way Connection Enforcement Bypass.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4419",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4419"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection"
},
{
"name": "fw1-remote-bypass(5468)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka \"One-way Connection Enforcement Bypass.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4419",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4419"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection"
},
{
"name": "fw1-remote-bypass(5468)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0804",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0082 (GCVE-0-2001-0082)
Vulnerability from cvelistv5
Published
2001-02-02 05:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:55.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001218 FireWall-1 Fastmode Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-05-08T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001218 FireWall-1 Fastmode Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001218 FireWall-1 Fastmode Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0082",
"datePublished": "2001-02-02T05:00:00",
"dateReserved": "2001-02-01T00:00:00",
"dateUpdated": "2024-08-08T04:06:55.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0813 (GCVE-0-2000-0813)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection"
},
{
"name": "fw1-ftp-redirect(5474)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5474"
},
{
"name": "4434",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4434"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers (\"FTP Bounce\") via invalid FTP commands that are processed improperly by FireWall-1, aka \"FTP Connection Enforcement Bypass.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection"
},
{
"name": "fw1-ftp-redirect(5474)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5474"
},
{
"name": "4434",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4434"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers (\"FTP Bounce\") via invalid FTP commands that are processed improperly by FireWall-1, aka \"FTP Connection Enforcement Bypass.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection"
},
{
"name": "fw1-ftp-redirect(5474)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5474"
},
{
"name": "4434",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4434"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0813",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-26T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0805 (GCVE-0-2000-0805)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fw1-client-spoof(5469)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of"
},
{
"name": "4415",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4415"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka \"Retransmission of Encapsulated Packets.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fw1-client-spoof(5469)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of"
},
{
"name": "4415",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4415"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka \"Retransmission of Encapsulated Packets.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fw1-client-spoof(5469)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5469"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of"
},
{
"name": "4415",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4415"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0805",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0079 (GCVE-0-2004-0079)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2025-01-16 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17381"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2004-0079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T16:21:54.985893Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T17:33:22.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17381"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17381"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"name": "http://www.openssl.org/news/secadv_20040317.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US",
"refsource": "CONFIRM",
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0079",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-01-19T00:00:00",
"dateUpdated": "2025-01-16T17:33:22.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0806 (GCVE-0-2000-0806)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications"
},
{
"name": "fw1-fwa1-auth-replay(5162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5162"
},
{
"name": "4413",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4413"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka \"Inter-module Communications Bypass.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications"
},
{
"name": "fw1-fwa1-auth-replay(5162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5162"
},
{
"name": "4413",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4413"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka \"Inter-module Communications Bypass.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications"
},
{
"name": "fw1-fwa1-auth-replay(5162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5162"
},
{
"name": "4413",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4413"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0806",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0039 (GCVE-0-2004-0039)
Vulnerability from cvelistv5
Published
2004-02-11 05:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040204 Checkpoint Firewall-1 HTTP Parsing Format String Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/162"
},
{
"name": "VU#790771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/790771"
},
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "fw1-format-string(14149)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14149"
},
{
"name": "O-072",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-072.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/security_server.html"
},
{
"name": "9581",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9581"
},
{
"name": "TA04-036A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-036A.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040204 Checkpoint Firewall-1 HTTP Parsing Format String Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/162"
},
{
"name": "VU#790771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/790771"
},
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "fw1-format-string(14149)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14149"
},
{
"name": "O-072",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-072.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/security_server.html"
},
{
"name": "9581",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9581"
},
{
"name": "TA04-036A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-036A.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040204 Checkpoint Firewall-1 HTTP Parsing Format String Vulnerabilities",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/162"
},
{
"name": "VU#790771",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/790771"
},
{
"name": "20040205 Two checkpoint fw-1/vpn-1 vulns",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"name": "fw1-format-string(14149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14149"
},
{
"name": "O-072",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-072.shtml"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/security_server.html",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/security_server.html"
},
{
"name": "9581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9581"
},
{
"name": "TA04-036A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-036A.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0039",
"datePublished": "2004-02-11T05:00:00",
"dateReserved": "2004-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1102 (GCVE-0-2001-1102)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3300"
},
{
"name": "fw1-tmp-file-symlink(7094)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7094"
},
{
"name": "20010908 Bug in compile portion for older versions of CheckPoint Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/212824"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3300"
},
{
"name": "fw1-tmp-file-symlink(7094)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7094"
},
{
"name": "20010908 Bug in compile portion for older versions of CheckPoint Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/212824"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3300"
},
{
"name": "fw1-tmp-file-symlink(7094)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7094"
},
{
"name": "20010908 Bug in compile portion for older versions of CheckPoint Firewalls",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/212824"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1102",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2405 (GCVE-0-2002-2405)
Vulnerability from cvelistv5
Published
2007-11-01 17:00
Modified
2024-09-16 21:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:12.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5744"
},
{
"name": "20020918 Firewall-1 \u0096HTTP Security Server - Proxy vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html"
},
{
"name": "fw1-http-proxy-bypass(10139)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10139.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-01T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5744"
},
{
"name": "20020918 Firewall-1 \u0096HTTP Security Server - Proxy vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html"
},
{
"name": "fw1-http-proxy-bypass(10139)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10139.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5744"
},
{
"name": "20020918 Firewall-1 \u0096HTTP Security Server - Proxy vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html"
},
{
"name": "fw1-http-proxy-bypass(10139)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10139.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2405",
"datePublished": "2007-11-01T17:00:00Z",
"dateReserved": "2007-11-01T00:00:00Z",
"dateUpdated": "2024-09-16T21:07:26.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0469 (GCVE-0-2004-0469)
Vulnerability from cvelistv5
Published
2004-05-14 04:00
Modified
2024-08-08 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "vpn1-isakmp-bo(16060)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16060"
},
{
"name": "20040504 ISAKMP Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/ike_vpn.html"
},
{
"name": "10273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "vpn1-isakmp-bo(16060)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16060"
},
{
"name": "20040504 ISAKMP Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT"
],
"url": "http://www.checkpoint.com/techsupport/alerts/ike_vpn.html"
},
{
"name": "10273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vpn1-isakmp-bo(16060)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16060"
},
{
"name": "20040504 ISAKMP Vulnerability",
"refsource": "CHECKPOINT",
"url": "http://www.checkpoint.com/techsupport/alerts/ike_vpn.html"
},
{
"name": "10273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0469",
"datePublished": "2004-05-14T04:00:00",
"dateReserved": "2004-05-12T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0757 (GCVE-0-2003-0757)
Vulnerability from cvelistv5
Published
2003-09-06 04:00
Modified
2024-09-16 19:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030902 IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-09-06T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030902 IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030902 IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0757",
"datePublished": "2003-09-06T04:00:00Z",
"dateReserved": "2003-09-04T00:00:00Z",
"dateUpdated": "2024-09-16T19:36:35.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0807 (GCVE-0-2000-0807)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication"
},
{
"name": "fw1-opsec-auth-spoof(5471)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5471"
},
{
"name": "4420",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4420"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the \"OPSEC Authentication Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication"
},
{
"name": "fw1-opsec-auth-spoof(5471)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5471"
},
{
"name": "4420",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4420"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the \"OPSEC Authentication Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication"
},
{
"name": "fw1-opsec-auth-spoof(5471)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5471"
},
{
"name": "4420",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4420"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0807",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0182 (GCVE-0-2001-0182)
Vulnerability from cvelistv5
Published
2001-09-18 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:14:06.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1733"
},
{
"name": "fw1-limited-license-dos(5966)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5966"
},
{
"name": "20010117 Licensing Firewall-1 DoS Attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html"
},
{
"name": "2238",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1733"
},
{
"name": "fw1-limited-license-dos(5966)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5966"
},
{
"name": "20010117 Licensing Firewall-1 DoS Attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html"
},
{
"name": "2238",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1733",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1733"
},
{
"name": "fw1-limited-license-dos(5966)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5966"
},
{
"name": "20010117 Licensing Firewall-1 DoS Attack",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html"
},
{
"name": "2238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0182",
"datePublished": "2001-09-18T04:00:00",
"dateReserved": "2001-03-08T00:00:00",
"dateUpdated": "2024-08-08T04:14:06.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1171 (GCVE-0-2001-1171)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010907 Bug in compile portion for older versions of CheckPoint Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010907 Bug in compile portion for older versions of CheckPoint Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010907 Bug in compile portion for older versions of CheckPoint Firewalls",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1171",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:08.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0809 (GCVE-0-2000-0809)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4422",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4422"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer"
},
{
"name": "fw1-getkey-bo(5139)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4422",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4422"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer"
},
{
"name": "fw1-getkey-bo(5139)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4422",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4422"
},
{
"name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer"
},
{
"name": "fw1-getkey-bo(5139)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0809",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-09-25T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1204 (GCVE-0-1999-1204)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4416",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/config/keywords.html"
},
{
"name": "fw1-user-defined-keywords-access(7293)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7293"
},
{
"name": "19980511 Firewall-1 Reserved Keywords Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925912\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default \"ANY\" address and result in access to more systems than intended by the administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4416",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.checkpoint.com/techsupport/config/keywords.html"
},
{
"name": "fw1-user-defined-keywords-access(7293)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7293"
},
{
"name": "19980511 Firewall-1 Reserved Keywords Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925912\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default \"ANY\" address and result in access to more systems than intended by the administrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4416",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4416"
},
{
"name": "http://www.checkpoint.com/techsupport/config/keywords.html",
"refsource": "CONFIRM",
"url": "http://www.checkpoint.com/techsupport/config/keywords.html"
},
{
"name": "fw1-user-defined-keywords-access(7293)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7293"
},
{
"name": "19980511 Firewall-1 Reserved Keywords Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925912\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1204",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3885 (GCVE-0-2006-3885)
Vulnerability from cvelistv5
Published
2006-07-27 00:00
Modified
2024-08-07 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060726 Re: Check Point R55W Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
},
{
"name": "fw1-encoded-characters-directory-traversal(27937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
},
{
"name": "1290",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1290"
},
{
"name": "20060724 Check Point R55W Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
},
{
"name": "19136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19136"
},
{
"name": "21200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21200"
},
{
"name": "1016563",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016563"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
},
{
"name": "ADV-2006-2965",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2965"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060726 Re: Check Point R55W Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
},
{
"name": "fw1-encoded-characters-directory-traversal(27937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
},
{
"name": "1290",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1290"
},
{
"name": "20060724 Check Point R55W Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
},
{
"name": "19136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19136"
},
{
"name": "21200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21200"
},
{
"name": "1016563",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016563"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
},
{
"name": "ADV-2006-2965",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2965"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060726 Re: Check Point R55W Directory Traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
},
{
"name": "fw1-encoded-characters-directory-traversal(27937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
},
{
"name": "1290",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1290"
},
{
"name": "20060724 Check Point R55W Directory Traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
},
{
"name": "19136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19136"
},
{
"name": "21200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21200"
},
{
"name": "1016563",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016563"
},
{
"name": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html",
"refsource": "MISC",
"url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
},
{
"name": "ADV-2006-2965",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2965"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3885",
"datePublished": "2006-07-27T00:00:00",
"dateReserved": "2006-07-26T00:00:00",
"dateUpdated": "2024-08-07T18:48:39.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1037 (GCVE-0-2000-1037)
Vulnerability from cvelistv5
Published
2000-11-29 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1662",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1662"
},
{
"name": "20000815 Firewall-1 session agent 3.0 -\u003e 4.1, dictionnary and brute force attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/76389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1662",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1662"
},
{
"name": "20000815 Firewall-1 session agent 3.0 -\u003e 4.1, dictionnary and brute force attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/76389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1662"
},
{
"name": "20000815 Firewall-1 session agent 3.0 -\u003e 4.1, dictionnary and brute force attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/76389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1037",
"datePublished": "2000-11-29T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3673 (GCVE-0-2005-3673)
Vulnerability from cvelistv5
Published
2005-11-18 21:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17621"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "ADV-2005-2470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2470"
},
{
"name": "15479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15479"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316"
},
{
"name": "1015235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-24T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17621"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "ADV-2005-2470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2470"
},
{
"name": "15479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15479"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316"
},
{
"name": "1015235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17621",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17621"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "http://jvn.jp/niscc/NISCC-273756/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "ADV-2005-2470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2470"
},
{
"name": "15479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15479"
},
{
"name": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316",
"refsource": "CONFIRM",
"url": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316"
},
{
"name": "1015235",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3673",
"datePublished": "2005-11-18T21:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0112 (GCVE-0-2004-0112)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"name": "http://www.openssl.org/news/secadv_20040317.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0112",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-02-02T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0116 (GCVE-0-2000-0116)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "954",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/954"
},
{
"name": "1212",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the \"Strip Script Tags\" restriction by including an extra \u003c in front of the SCRIPT tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "954",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/954"
},
{
"name": "1212",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1212"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the \"Strip Script Tags\" restriction by including an extra \u003c in front of the SCRIPT tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "954",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/954"
},
{
"name": "1212",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1212"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0116",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-02-08T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1158 (GCVE-0-2001-1158)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2952"
},
{
"name": "20010709 Check Point FireWall-1 RDP Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html"
},
{
"name": "20010712 RDP Bypass workaround for VPN-1/FireWall 4.1 SPx",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT",
"x_transferred"
],
"url": "http://www.checkpoint.com/techsupport/alerts/rdp.html"
},
{
"name": "VU#310295",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/310295"
},
{
"name": "CA-2001-17",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-17.html"
},
{
"name": "L-109",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-109.shtml"
},
{
"name": "20010709 Check Point response to RDP Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/cgi-bin/archive.pl?id=1\u0026start=2002-03-11\u0026end=2002-03-17\u0026mid=195647\u0026threads=1"
},
{
"name": "1884",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1884"
},
{
"name": "fw1-rdp-bypass(6815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2952"
},
{
"name": "20010709 Check Point FireWall-1 RDP Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html"
},
{
"name": "20010712 RDP Bypass workaround for VPN-1/FireWall 4.1 SPx",
"tags": [
"vendor-advisory",
"x_refsource_CHECKPOINT"
],
"url": "http://www.checkpoint.com/techsupport/alerts/rdp.html"
},
{
"name": "VU#310295",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/310295"
},
{
"name": "CA-2001-17",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-17.html"
},
{
"name": "L-109",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://ciac.llnl.gov/ciac/bulletins/l-109.shtml"
},
{
"name": "20010709 Check Point response to RDP Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/cgi-bin/archive.pl?id=1\u0026start=2002-03-11\u0026end=2002-03-17\u0026mid=195647\u0026threads=1"
},
{
"name": "1884",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1884"
},
{
"name": "fw1-rdp-bypass(6815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2952"
},
{
"name": "20010709 Check Point FireWall-1 RDP Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html"
},
{
"name": "20010712 RDP Bypass workaround for VPN-1/FireWall 4.1 SPx",
"refsource": "CHECKPOINT",
"url": "http://www.checkpoint.com/techsupport/alerts/rdp.html"
},
{
"name": "VU#310295",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/310295"
},
{
"name": "CA-2001-17",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-17.html"
},
{
"name": "L-109",
"refsource": "CIAC",
"url": "http://ciac.llnl.gov/ciac/bulletins/l-109.shtml"
},
{
"name": "20010709 Check Point response to RDP Bypass",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/cgi-bin/archive.pl?id=1\u0026start=2002-03-11\u0026end=2002-03-17\u0026mid=195647\u0026threads=1"
},
{
"name": "1884",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1884"
},
{
"name": "fw1-rdp-bypass(6815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1158",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0675 (GCVE-0-1999-0675)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990809 FW1 UDP Port 0 DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/23615"
},
{
"name": "576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/576"
},
{
"name": "1038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1038"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990809 FW1 UDP Port 0 DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/23615"
},
{
"name": "576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/576"
},
{
"name": "1038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1038"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990809 FW1 UDP Port 0 DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/23615"
},
{
"name": "576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/576"
},
{
"name": "1038",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1038"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0675",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0081 (GCVE-0-2004-0081)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0081",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-01-19T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0895 (GCVE-0-1999-0895)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Firewall-1 does not properly restrict access to LDAP attributes.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=19991020150002.21047.qmail%40tarjan.mediaways.net"
},
{
"name": "725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/725"
},
{
"name": "1117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1117"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 does not properly restrict access to LDAP attributes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=19991020150002.21047.qmail%40tarjan.mediaways.net"
},
{
"name": "725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/725"
},
{
"name": "1117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1117"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firewall-1 does not properly restrict access to LDAP attributes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=19991020150002.21047.qmail@tarjan.mediaways.net"
},
{
"name": "725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/725"
},
{
"name": "1117",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1117"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0895",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0428 (GCVE-0-2002-0428)
Vulnerability from cvelistv5
Published
2002-06-11 04:00
Modified
2024-08-08 02:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fw1-authentication-bypass-timeouts(8423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8423.php"
},
{
"name": "20020308 Checkpoint FW1 SecuRemote/SecureClient \"re-authentication\" (client side hacks of users.C)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/260662"
},
{
"name": "4253",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the \"authentication timeout\" by modifying the to_expire or expire values in the client\u0027s users.C configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fw1-authentication-bypass-timeouts(8423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8423.php"
},
{
"name": "20020308 Checkpoint FW1 SecuRemote/SecureClient \"re-authentication\" (client side hacks of users.C)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/260662"
},
{
"name": "4253",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4253"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the \"authentication timeout\" by modifying the to_expire or expire values in the client\u0027s users.C configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fw1-authentication-bypass-timeouts(8423)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8423.php"
},
{
"name": "20020308 Checkpoint FW1 SecuRemote/SecureClient \"re-authentication\" (client side hacks of users.C)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/260662"
},
{
"name": "4253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4253"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0428",
"datePublished": "2002-06-11T04:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1101 (GCVE-0-2001-1101)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010908 Bug in remote GUI access in CheckPoint Firewall",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/212826"
},
{
"name": "3303",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3303"
},
{
"name": "fw1-log-file-overwrite(7095)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of \u0027.log\u0027 files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in \u0027.log\u0027, or (2) local users to overwrite arbitrary files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010908 Bug in remote GUI access in CheckPoint Firewall",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/212826"
},
{
"name": "3303",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3303"
},
{
"name": "fw1-log-file-overwrite(7095)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of \u0027.log\u0027 files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in \u0027.log\u0027, or (2) local users to overwrite arbitrary files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010908 Bug in remote GUI access in CheckPoint Firewall",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/212826"
},
{
"name": "3303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3303"
},
{
"name": "fw1-log-file-overwrite(7095)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1101",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password | ||
| cve@mitre.org | http://www.osvdb.org/4421 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5137 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4421 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5137 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka \"One-time (s/key) Password Authentication.\""
}
],
"id": "CVE-2000-0808",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4421"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107604682227031&w=2 | ||
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/security_server.html | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-072.shtml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/790771 | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/9581 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA04-036A.html | US Government Resource | |
| cve@mitre.org | http://xforce.iss.net/xforce/alerts/id/162 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/14149 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107604682227031&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/security_server.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-072.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/790771 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9581 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA04-036A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/162 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/14149 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85711114-A402-4B53-AA91-DC66937606F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de cadena de formato en el componente HTTP Application Intelligence (IA) de Checkpoint Firewall-1 NG-AI R55 y R54, y Checkpoint Firewall-1 HTTP Security Server incluido con NG FP1, FP2, y FP3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante peticiones HTTP que hacen que se utilicen especificadores de cadena de formato en un mensaje de error, como se ha demastrado usando el esquema de una URI."
}
],
"id": "CVE-2004-0039",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/security_server.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-072.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/790771"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9581"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-036A.html"
},
{
"source": "cve@mitre.org",
"url": "http://xforce.iss.net/xforce/alerts/id/162"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/security_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-072.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/790771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-036A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xforce.iss.net/xforce/alerts/id/162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14149"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-05-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=90221101925912&w=2 | ||
| cve@mitre.org | http://www.checkpoint.com/techsupport/config/keywords.html | ||
| cve@mitre.org | http://www.osvdb.org/4416 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7293 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=90221101925912&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/config/keywords.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4416 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7293 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85711114-A402-4B53-AA91-DC66937606F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default \"ANY\" address and result in access to more systems than intended by the administrator."
}
],
"id": "CVE-1999-1204",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-05-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925912\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/config/keywords.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4416"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221101925912\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/config/keywords.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection | ||
| cve@mitre.org | http://www.osvdb.org/4434 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5474 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4434 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5474 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers (\"FTP Bounce\") via invalid FTP commands that are processed improperly by FireWall-1, aka \"FTP Connection Enforcement Bypass.\""
}
],
"id": "CVE-2000-0813",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4434"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5474"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-11 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/1632 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/142808 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1890 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5816 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1632 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/142808 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1890 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5816 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall."
}
],
"id": "CVE-2000-1032",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-11T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1632"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1890"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection | ||
| cve@mitre.org | http://www.osvdb.org/4419 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5468 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4419 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5468 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka \"One-way Connection Enforcement Bypass.\""
}
],
"id": "CVE-2000-0804",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4419"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-09-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/212826 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/3303 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7095 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/212826 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3303 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7095 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of \u0027.log\u0027 files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in \u0027.log\u0027, or (2) local users to overwrite arbitrary files via a symlink attack."
}
],
"id": "CVE-2001-1101",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-09-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/212826"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3303"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/212826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7095"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-06-30 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security | ||
| cve@mitre.org | http://www.osvdb.org/1438 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1416 | ||
| cve@mitre.org | http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1438 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1416 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy."
}
],
"id": "CVE-2000-0582",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-06-30T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1438"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1416"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000630162106.4619C-100000%40fjord.fscinternet.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-03-11 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html | ||
| cve@mitre.org | http://www.osvdb.org/1256 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1054 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1256 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1054 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection."
}
],
"id": "CVE-2000-0181",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-03-11T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1256"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1054"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/588 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/197566 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/3058 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/6857 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/588 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/197566 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/6857 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "60536AAF-76BC-4773-98FA-5F01E2D231FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication."
}
],
"id": "CVE-2001-1303",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/588"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/197566"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3058"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/197566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-18 21:03
Modified
2025-04-03 01:03
Severity ?
Summary
The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://jvn.jp/niscc/NISCC-273756/index.html | ||
| cve@mitre.org | http://secunia.com/advisories/17621 | ||
| cve@mitre.org | http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316 | ||
| cve@mitre.org | http://securitytracker.com/id?1015235 | ||
| cve@mitre.org | http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/ | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/226364 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/15479 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2005/2470 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/niscc/NISCC-273756/index.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17621 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015235 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/226364 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15479 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2470 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | check_point | * | |
| checkpoint | express | ci_r57 | |
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | vpn-1 | ngx_r60 | |
| checkpoint | vpn-1_firewall-1_next_generation | r54 | |
| checkpoint | vpn-1_firewall-1_next_generation | r55 | |
| checkpoint | vpn-1_firewall-1_next_generation | r55p | |
| checkpoint | vpn-1_firewall-1_next_generation | r55w |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:check_point:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0598E831-062A-48FC-ADA4-708C0B20855F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:express:ci_r57:*:*:*:*:*:*:*",
"matchCriteriaId": "EF028A2C-4AC6-425F-AD89-DC40ECD41501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "3E85186A-CD5E-4781-80EA-EE87239B13CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:ngx_r60:*:pro:*:*:*:*:*",
"matchCriteriaId": "95028F5A-F2DB-4440-B6BB-3F4A0C8C1FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r54:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CE9BDF-A5D0-411D-963E-44093488E02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55:*:*:*:*:*:*:*",
"matchCriteriaId": "A59F8FDC-9F16-4DF9-B23A-F5D912E2A33B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55p:*:*:*:*:*:*:*",
"matchCriteriaId": "DF54C5A6-5312-45E5-ACFA-90639581021A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1_firewall-1_next_generation:r55w:*:*:*:*:*:*:*",
"matchCriteriaId": "1973A5EA-E715-44A8-B782-3B2C90A301E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"id": "CVE-2005-3673",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T21:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17621"
},
{
"source": "cve@mitre.org",
"url": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015235"
},
{
"source": "cve@mitre.org",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15479"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2470"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the \"Strip Script Tags\" restriction by including an extra \u003c in front of the SCRIPT tag."
}
],
"id": "CVE-2000-0116",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1212"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/954"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of | ||
| cve@mitre.org | http://www.osvdb.org/4415 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5469 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4415 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5469 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka \"Retransmission of Encapsulated Packets.\""
}
],
"id": "CVE-2000-0805",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4415"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5469"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/258731 | US Government Resource | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/8293 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/258731 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/8293 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | vpn-1 | 4.1 | |
| checkpoint | vpn-1 | 4.1 | |
| nokia | firewall_appliance | ipso_3.3 | |
| nokia | firewall_appliance | ipso_3.4 | |
| nokia | firewall_appliance | ipso_3.41 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "60536AAF-76BC-4773-98FA-5F01E2D231FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1E4206C4-05A7-46D1-90C7-6BA7744C7AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "B9754CCE-CEC5-4359-9C62-133885817DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C65FC343-69C9-4B70-8149-42297B47C813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nokia:firewall_appliance:ipso_3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B11266A-90C4-47B9-B6DD-77F1B4701708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nokia:firewall_appliance:ipso_3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E24EF8C6-E623-4B37-96D6-D514ECE365B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nokia:firewall_appliance:ipso_3.41:*:*:*:*:*:*:*",
"matchCriteriaId": "9F781F5B-B875-4119-937B-97286E746C91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information."
}
],
"id": "CVE-2001-1431",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/258731"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/258731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet."
}
],
"id": "CVE-2003-0757",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0018.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-02-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets."
}
],
"id": "CVE-2001-0082",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-02-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/12177/ | ||
| cve@mitre.org | http://securitytracker.com/alerts/2004/Jul/1010799.html | ||
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/asn1.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-190.shtml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/435358 | US Government Resource | |
| cve@mitre.org | http://www.osvdb.org/displayvuln.php?osvdb_id=8290 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/10820 | ||
| cve@mitre.org | http://xforce.iss.net/xforce/alerts/id/178 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16824 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12177/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/alerts/2004/Jul/1010799.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/asn1.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-190.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/435358 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/displayvuln.php?osvdb_id=8290 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10820 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/178 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16824 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | vpn-1 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "8505646A-6118-4274-9281-FC3C383E30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A19E9E90-E765-47F0-9D37-479C5D8846E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en el mont\u00f3n en la librer\u00eda de decodificaci\u00f3n ASN.1 de productos CheckPoint VPN-1, cuando se ha implementado IKE agresivo, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n iniciando una negociaci\u00f3n IKE y enviando un paquete IKE con datos ASN.1 malformados."
}
],
"id": "CVE-2004-0699",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12177/"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2004/Jul/1010799.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-190.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435358"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=8290"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10820"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/178"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12177/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2004/Jul/1010799.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.checkpoint.com/techsupport/alerts/asn1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-190.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=8290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16824"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc | Broken Link | |
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | Broken Link | |
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | Broken Link | |
| cve@mitre.org | http://docs.info.apple.com/article.html?artnum=61798 | Broken Link | |
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html | Mailing List | |
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html | Mailing List | |
| cve@mitre.org | http://lists.apple.com/mhonarc/security-announce/msg00045.html | Broken Link | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107953412903636&w=2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=108403806509920&w=2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/11139 | Broken Link | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200403-03.xml | Third Party Advisory | |
| cve@mitre.org | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | Broken Link | |
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-101.shtml | Broken Link | |
| cve@mitre.org | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | Broken Link | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/484726 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 | Third Party Advisory | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_07_openssl.html | Broken Link | |
| cve@mitre.org | http://www.openssl.org/news/secadv_20040317.txt | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-120.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-121.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/9899 | Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory | |
| cve@mitre.org | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 | Broken Link | |
| cve@mitre.org | http://www.trustix.org/errata/2004/0012 | Broken Link | |
| cve@mitre.org | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | Broken Link | |
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | Broken Link, Third Party Advisory, US Government Resource | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15508 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://docs.info.apple.com/article.html?artnum=61798 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/mhonarc/security-announce/msg00045.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107953412903636&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=108403806509920&w=2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/11139 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200403-03.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-101.shtml | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/484726 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_07_openssl.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openssl.org/news/secadv_20040317.txt | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-120.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-121.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9899 | Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2004/0012 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | Broken Link, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15508 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firewall_services_module | * | |
| cisco | firewall_services_module | 1.1.2 | |
| cisco | firewall_services_module | 1.1.3 | |
| cisco | firewall_services_module | 1.1_\(3.005\) | |
| cisco | firewall_services_module | 2.1_\(0.208\) | |
| hp | aaa_server | * | |
| hp | apache-based_web_server | 2.0.43.00 | |
| hp | apache-based_web_server | 2.0.43.04 | |
| symantec | clientless_vpn_gateway_4400 | 5.0 | |
| cisco | ciscoworks_common_management_foundation | 2.1 | |
| cisco | ciscoworks_common_services | 2.2 | |
| avaya | converged_communications_server | 2.0 | |
| avaya | sg200 | 4.4 | |
| avaya | sg200 | 4.31.29 | |
| avaya | sg203 | 4.4 | |
| avaya | sg203 | 4.31.29 | |
| avaya | sg208 | * | |
| avaya | sg208 | 4.4 | |
| avaya | sg5 | 4.2 | |
| avaya | sg5 | 4.3 | |
| avaya | sg5 | 4.4 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x_server | 10.3.3 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.2 | |
| freebsd | freebsd | 5.2.1 | |
| hp | hp-ux | 8.05 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.23 | |
| openbsd | openbsd | 3.3 | |
| openbsd | openbsd | 3.4 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 | |
| redhat | linux | 8.0 | |
| sco | openserver | 5.0.6 | |
| sco | openserver | 5.0.7 | |
| cisco | ios | 12.1\(11\)e | |
| cisco | ios | 12.1\(11b\)e | |
| cisco | ios | 12.1\(11b\)e12 | |
| cisco | ios | 12.1\(11b\)e14 | |
| cisco | ios | 12.1\(13\)e9 | |
| cisco | ios | 12.1\(19\)e1 | |
| cisco | ios | 12.2\(14\)sy | |
| cisco | ios | 12.2\(14\)sy1 | |
| cisco | ios | 12.2sy | |
| cisco | ios | 12.2za | |
| 4d | webstar | 4.0 | |
| 4d | webstar | 5.2 | |
| 4d | webstar | 5.2.1 | |
| 4d | webstar | 5.2.2 | |
| 4d | webstar | 5.2.3 | |
| 4d | webstar | 5.2.4 | |
| 4d | webstar | 5.3 | |
| 4d | webstar | 5.3.1 | |
| avaya | intuity_audix | * | |
| avaya | intuity_audix | 5.1.46 | |
| avaya | intuity_audix | s3210 | |
| avaya | intuity_audix | s3400 | |
| avaya | vsu | 5 | |
| avaya | vsu | 5x | |
| avaya | vsu | 100_r2.0.1 | |
| avaya | vsu | 500 | |
| avaya | vsu | 2000_r2.0.1 | |
| avaya | vsu | 5000_r2.0.1 | |
| avaya | vsu | 7500_r2.0.1 | |
| avaya | vsu | 10000_r2.0.1 | |
| checkpoint | firewall-1 | * | |
| checkpoint | firewall-1 | 2.0 | |
| checkpoint | firewall-1 | next_generation_fp0 | |
| checkpoint | firewall-1 | next_generation_fp1 | |
| checkpoint | firewall-1 | next_generation_fp2 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | vpn-1 | next_generation_fp0 | |
| checkpoint | vpn-1 | next_generation_fp1 | |
| checkpoint | vpn-1 | next_generation_fp2 | |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence | |
| cisco | access_registrar | * | |
| cisco | application_and_content_networking_software | * | |
| cisco | css_secure_content_accelerator | 1.0 | |
| cisco | css_secure_content_accelerator | 2.0 | |
| cisco | css11000_content_services_switch | * | |
| cisco | okena_stormwatch | 3.2 | |
| cisco | pix_firewall | 6.2.2_.111 | |
| cisco | threat_response | * | |
| cisco | webns | 6.10 | |
| cisco | webns | 6.10_b4 | |
| cisco | webns | 7.1_0.1.02 | |
| cisco | webns | 7.1_0.2.06 | |
| cisco | webns | 7.2_0.0.03 | |
| cisco | webns | 7.10 | |
| cisco | webns | 7.10_.0.06s | |
| dell | bsafe_ssl-j | 3.0 | |
| dell | bsafe_ssl-j | 3.0.1 | |
| dell | bsafe_ssl-j | 3.1 | |
| forcepoint | stonegate | 1.5.17 | |
| forcepoint | stonegate | 1.5.18 | |
| forcepoint | stonegate | 1.6.2 | |
| forcepoint | stonegate | 1.6.3 | |
| forcepoint | stonegate | 1.7 | |
| forcepoint | stonegate | 1.7.1 | |
| forcepoint | stonegate | 1.7.2 | |
| forcepoint | stonegate | 2.0.1 | |
| forcepoint | stonegate | 2.0.4 | |
| forcepoint | stonegate | 2.0.5 | |
| forcepoint | stonegate | 2.0.6 | |
| forcepoint | stonegate | 2.0.7 | |
| forcepoint | stonegate | 2.0.8 | |
| forcepoint | stonegate | 2.0.9 | |
| forcepoint | stonegate | 2.1 | |
| forcepoint | stonegate | 2.2 | |
| forcepoint | stonegate | 2.2.1 | |
| forcepoint | stonegate | 2.2.4 | |
| hp | wbem | a.01.05.08 | |
| hp | wbem | a.02.00.00 | |
| hp | wbem | a.02.00.01 | |
| litespeedtech | litespeed_web_server | 1.0.1 | |
| litespeedtech | litespeed_web_server | 1.0.2 | |
| litespeedtech | litespeed_web_server | 1.0.3 | |
| litespeedtech | litespeed_web_server | 1.1 | |
| litespeedtech | litespeed_web_server | 1.1.1 | |
| litespeedtech | litespeed_web_server | 1.2 | |
| litespeedtech | litespeed_web_server | 1.2 | |
| litespeedtech | litespeed_web_server | 1.2.1 | |
| litespeedtech | litespeed_web_server | 1.2.2 | |
| litespeedtech | litespeed_web_server | 1.3 | |
| litespeedtech | litespeed_web_server | 1.3 | |
| litespeedtech | litespeed_web_server | 1.3 | |
| litespeedtech | litespeed_web_server | 1.3 | |
| neoteris | instant_virtual_extranet | 3.0 | |
| neoteris | instant_virtual_extranet | 3.1 | |
| neoteris | instant_virtual_extranet | 3.2 | |
| neoteris | instant_virtual_extranet | 3.3 | |
| neoteris | instant_virtual_extranet | 3.3.1 | |
| novell | edirectory | 8.0 | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | imanager | 1.5 | |
| novell | imanager | 2.0 | |
| openssl | openssl | 0.9.6c | |
| openssl | openssl | 0.9.6d | |
| openssl | openssl | 0.9.6e | |
| openssl | openssl | 0.9.6f | |
| openssl | openssl | 0.9.6g | |
| openssl | openssl | 0.9.6h | |
| openssl | openssl | 0.9.6i | |
| openssl | openssl | 0.9.6j | |
| openssl | openssl | 0.9.6k | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7a | |
| openssl | openssl | 0.9.7b | |
| openssl | openssl | 0.9.7c | |
| redhat | openssl | 0.9.6-15 | |
| redhat | openssl | 0.9.6b-3 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| sgi | propack | 3.0 | |
| stonesoft | servercluster | 2.5 | |
| stonesoft | servercluster | 2.5.2 | |
| stonesoft | stonebeat_fullcluster | 1_2.0 | |
| stonesoft | stonebeat_fullcluster | 1_3.0 | |
| stonesoft | stonebeat_fullcluster | 2.0 | |
| stonesoft | stonebeat_fullcluster | 2.5 | |
| stonesoft | stonebeat_fullcluster | 3.0 | |
| stonesoft | stonebeat_securitycluster | 2.0 | |
| stonesoft | stonebeat_securitycluster | 2.5 | |
| stonesoft | stonebeat_webcluster | 2.0 | |
| stonesoft | stonebeat_webcluster | 2.5 | |
| tarantella | tarantella_enterprise | 3.20 | |
| tarantella | tarantella_enterprise | 3.30 | |
| tarantella | tarantella_enterprise | 3.40 | |
| vmware | gsx_server | 2.0 | |
| vmware | gsx_server | 2.0.1_build_2129 | |
| vmware | gsx_server | 2.5.1 | |
| vmware | gsx_server | 2.5.1_build_5336 | |
| vmware | gsx_server | 3.0_build_7592 | |
| avaya | s8300 | r2.0.0 | |
| avaya | s8300 | r2.0.1 | |
| avaya | s8500 | r2.0.0 | |
| avaya | s8500 | r2.0.1 | |
| avaya | s8700 | r2.0.0 | |
| avaya | s8700 | r2.0.1 | |
| bluecoat | proxysg | * | |
| cisco | call_manager | * | |
| cisco | content_services_switch_11500 | * | |
| cisco | gss_4480_global_site_selector | * | |
| cisco | gss_4490_global_site_selector | * | |
| cisco | mds_9000 | * | |
| cisco | secure_content_accelerator | 10000 | |
| securecomputing | sidewinder | 5.2 | |
| securecomputing | sidewinder | 5.2.0.01 | |
| securecomputing | sidewinder | 5.2.0.02 | |
| securecomputing | sidewinder | 5.2.0.03 | |
| securecomputing | sidewinder | 5.2.0.04 | |
| securecomputing | sidewinder | 5.2.1 | |
| securecomputing | sidewinder | 5.2.1.02 | |
| sun | crypto_accelerator_4000 | 1.0 | |
| bluecoat | cacheos_ca_sa | 4.1.10 | |
| bluecoat | cacheos_ca_sa | 4.1.12 | |
| cisco | pix_firewall_software | 6.0 | |
| cisco | pix_firewall_software | 6.0\(1\) | |
| cisco | pix_firewall_software | 6.0\(2\) | |
| cisco | pix_firewall_software | 6.0\(3\) | |
| cisco | pix_firewall_software | 6.0\(4\) | |
| cisco | pix_firewall_software | 6.0\(4.101\) | |
| cisco | pix_firewall_software | 6.1 | |
| cisco | pix_firewall_software | 6.1\(1\) | |
| cisco | pix_firewall_software | 6.1\(2\) | |
| cisco | pix_firewall_software | 6.1\(3\) | |
| cisco | pix_firewall_software | 6.1\(4\) | |
| cisco | pix_firewall_software | 6.1\(5\) | |
| cisco | pix_firewall_software | 6.2 | |
| cisco | pix_firewall_software | 6.2\(1\) | |
| cisco | pix_firewall_software | 6.2\(2\) | |
| cisco | pix_firewall_software | 6.2\(3\) | |
| cisco | pix_firewall_software | 6.2\(3.100\) | |
| cisco | pix_firewall_software | 6.3 | |
| cisco | pix_firewall_software | 6.3\(1\) | |
| cisco | pix_firewall_software | 6.3\(2\) | |
| cisco | pix_firewall_software | 6.3\(3.102\) | |
| cisco | pix_firewall_software | 6.3\(3.109\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF2E08B-9046-41A1-BEDE-EB0B6436315C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "811E1BE8-3868-49F8-B6E8-D5705559B02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4AED89-F862-4071-8E94-481A59EDAE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67010B0B-ECE7-4EE5-B103-05DC637E150F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDA8F10-B059-4403-A790-EFC8822588B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A06BCD31-3FB6-468B-9BC9-EA573717B19F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "360238CC-3BF5-4750-B16D-8A2E0257022E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0C55C754-E213-4E79-AA7B-2CAF8A464388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA524-5A79-408C-BBF2-5780BC522B64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4DC717-0785-4C19-8A33-ACA5F378DF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "858843D3-84BB-48B6-80D1-1271AE60150D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7B80E0-40BB-4B4E-9711-AF293A038DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3653856-207E-46A7-92DD-D7F377F1829A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19053434-F9E7-4839-AB5A-B226CC4616A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8D15C938-4DAB-4011-80EE-A2663E20BFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C056ED-2492-4B1C-BCB9-4F36806C4A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BA347CD3-0619-4EA2-A736-B59EE9E3AC12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4ACEF29C-3225-43A7-9E07-FBCCF555887E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9F532860-9E26-45C3-9FB3-6B0888F1279A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
},
{
"lang": "es",
"value": "El c\u00f3digo que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2004-0112",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-02-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/328867 | US Government Resource | |
| cve@mitre.org | http://www.osvdb.org/4417 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/979 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/328867 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4417 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/979 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| cisco | pix_firewall_software | 4.1\(6\) | |
| cisco | pix_firewall_software | 4.1\(6b\) | |
| cisco | pix_firewall_software | 4.2\(1\) | |
| cisco | pix_firewall_software | 4.2\(2\) | |
| cisco | pix_firewall_software | 4.3 | |
| cisco | pix_firewall_software | 4.4\(4\) | |
| cisco | pix_firewall_software | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1EEDB9DD-C862-4783-9F96-88836424B298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3BD36C4A-4B90-4012-B4A5-6081C413E302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1C4F7D5-DCD0-409C-86BF-A96A5253DF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8198D129-76D0-4983-BFC4-8EC724FE1B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49566EAC-05AF-4880-8000-351AF538E4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "118CBF59-DAD8-468E-B279-F6359E4624F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA2E425-904C-4070-8F5F-B81BCF3147F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client\u0027s PASV attempt."
}
],
"id": "CVE-2000-0150",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-02-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4417"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/979"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/format_strings.html | ||
| cve@mitre.org | http://www.osvdb.org/1901 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/3021 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/6849 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/format_strings.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1901 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3021 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/6849 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | vpn-1 | 4.1 | |
| checkpoint | vpn-1 | 4.1 | |
| checkpoint | vpn-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0219DD2D-A37D-4425-9436-4F3DA1B7F63D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7D2582AE-B67A-45DF-B798-8A0426613BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "B9754CCE-CEC5-4359-9C62-133885817DEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection."
}
],
"id": "CVE-2001-1176",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/format_strings.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1901"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3021"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/format_strings.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6849"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-11 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/76389 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1662 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/76389 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1662 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack."
}
],
"id": "CVE-2000-1037",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-11T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/76389"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/76389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1662"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/1038 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/23615 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/576 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1038 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/23615 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/576 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host."
}
],
"id": "CVE-1999-0675",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1038"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/23615"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/23615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/576"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr | ||
| cve@mitre.org | http://www.osvdb.org/1487 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1534 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1487 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1534 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests."
}
],
"id": "CVE-2000-0779",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1487"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1534"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-09-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=100094268017271&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=100698954308436&w=2 | ||
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html | ||
| cve@mitre.org | http://www.osvdb.org/1951 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/3336 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7145 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=100094268017271&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=100698954308436&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3336 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7145 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name."
}
],
"id": "CVE-2001-0940",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-09-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"source": "cve@mitre.org",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1951"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-07-29 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/1027 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/549 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1027 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/549 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems."
}
],
"id": "CVE-1999-0770",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-07-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1027"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/549"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer | ||
| cve@mitre.org | http://www.osvdb.org/4422 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5139 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4422 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5139 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service."
}
],
"id": "CVE-2000-0809",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4422"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5139"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html | Vendor Advisory | |
| cve@mitre.org | http://www.osvdb.org/1733 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/2238 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5966 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1733 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/2238 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5966 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources."
}
],
"id": "CVE-2001-0182",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-26T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1733"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2238"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0298.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5966"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10139.php | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5744 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10139.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5744 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | ng |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:ng:*:*:*:*:*:*:*",
"matchCriteriaId": "F913C253-AD70-4316-BC73-E5AD5628B360",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall."
}
],
"id": "CVE-2002-2405",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10139.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10139.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5744"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Firewall-1 does not properly restrict access to LDAP attributes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/1117 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/725 | ||
| cve@mitre.org | http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail%40tarjan.mediaways.net | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1117 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/725 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail%40tarjan.mediaways.net |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firewall-1 does not properly restrict access to LDAP attributes."
}
],
"id": "CVE-1999-0895",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1117"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/725"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=19991020150002.21047.qmail%40tarjan.mediaways.net"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=19991020150002.21047.qmail%40tarjan.mediaways.net"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-04-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0b |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "26979D75-2E28-49FE-9ADB-F99A0A6DB479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy."
},
{
"lang": "es",
"value": "Chek Point Firewall-1 3.0b a 4.0 SP1 sigue enlaces simb\u00f3licos y crea un fichero temporal .cpp escribible por todos los usuarios cuando compila las reglas de seguridad, lo que permite a un usuario local obtener privilegios o modificar la pol\u00edtica del web."
}
],
"id": "CVE-2001-1171",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-04-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html | ||
| cve@mitre.org | http://www.nta-monitor.com/news/checkpoint2004/index.htm | ||
| cve@mitre.org | http://www.securityfocus.com/bid/10558 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16434 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nta-monitor.com/news/checkpoint2004/index.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10558 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16434 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | r55 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "74D81CF6-8E46-4BED-BC1E-9470E6088521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "84C971FD-7282-4806-A717-686C3AE72A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "D8B8D963-B447-4B53-8449-D53E1CED11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "5F7A328F-CB62-40FA-A9B0-BFAB9F487689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "2AA58BEC-68C0-401A-A1DE-353451E86648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "D5AA0024-EBDC-42F7-8ED6-4651FFBA9668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "743B9B05-7D09-4AA1-A1CC-D249F57B8156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "5ADFB8F4-21EF-4E74-BD0E-DF4692DC9842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "60536AAF-76BC-4773-98FA-5F01E2D231FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1E4206C4-05A7-46D1-90C7-6BA7744C7AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5a:*:*:*:*:*:*",
"matchCriteriaId": "B78091F6-C3A7-4842-B555-D7ECC080E565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "8505646A-6118-4274-9281-FC3C383E30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:r55:*:ng-ai:*:*:*:*:*",
"matchCriteriaId": "56C27C63-9254-4BAC-83C3-EB7EBDBF0FB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information."
}
],
"id": "CVE-2004-2679",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.nta-monitor.com/news/checkpoint2004/index.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10558"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nta-monitor.com/news/checkpoint2004/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16434"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-06-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html | ||
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation | ||
| cve@mitre.org | http://www.osvdb.org/1379 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1312 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/4609 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1379 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1312 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/4609 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets."
}
],
"id": "CVE-2000-0482",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-06-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1379"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1312"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4609"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications | ||
| cve@mitre.org | http://www.osvdb.org/4413 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5162 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4413 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5162 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka \"Inter-module Communications Bypass.\""
}
],
"id": "CVE-2000-0806",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4413"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5162"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://online.securityfocus.com/archive/1/260662 | Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/8423.php | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/4253 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://online.securityfocus.com/archive/1/260662 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/8423.php | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/4253 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | check_point_vpn | 1_4.1 | |
| checkpoint | check_point_vpn | 1_4.1_sp1 | |
| checkpoint | check_point_vpn | 1_4.1_sp2 | |
| checkpoint | check_point_vpn | 1_4.1_sp3 | |
| checkpoint | check_point_vpn | 1_4.1_sp4 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | next_generation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:check_point_vpn:1_4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BEA055-A8FC-4A7C-A207-03AB340649D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:check_point_vpn:1_4.1_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E70DB9-7B37-4001-AC50-90FED1082187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:check_point_vpn:1_4.1_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "C429DA4B-D3C1-43AF-8AF8-69F177D26861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:check_point_vpn:1_4.1_sp3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00EB68-0512-4AB3-A3F6-E2928F0A325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:check_point_vpn:1_4.1_sp4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E12BA38-E45F-45C2-A722-B7A05072A4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "74D81CF6-8E46-4BED-BC1E-9470E6088521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "84C971FD-7282-4806-A717-686C3AE72A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "D8B8D963-B447-4B53-8449-D53E1CED11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "5F7A328F-CB62-40FA-A9B0-BFAB9F487689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "2AA58BEC-68C0-401A-A1DE-353451E86648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "D5AA0024-EBDC-42F7-8ED6-4651FFBA9668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "743B9B05-7D09-4AA1-A1CC-D249F57B8156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "5ADFB8F4-21EF-4E74-BD0E-DF4692DC9842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "60536AAF-76BC-4773-98FA-5F01E2D231FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1E4206C4-05A7-46D1-90C7-6BA7744C7AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5684554-DE87-450B-B8DA-5140BC7B8406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the \"authentication timeout\" by modifying the to_expire or expire values in the client\u0027s users.C configuration file."
}
],
"id": "CVE-2002-0428",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/260662"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8423.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/260662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8423.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4253"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | ||
| cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | ||
| cve@mitre.org | http://fedoranews.org/updates/FEDORA-2004-095.shtml | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107955049331965&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=108403850228012&w=2 | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2004-119.html | ||
| cve@mitre.org | http://secunia.com/advisories/11139 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200403-03.xml | ||
| cve@mitre.org | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | ||
| cve@mitre.org | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-465 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/465542 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-120.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-121.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-139.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/9899 | Vendor Advisory | |
| cve@mitre.org | http://www.trustix.org/errata/2004/0012 | ||
| cve@mitre.org | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | US Government Resource | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15509 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2004-095.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107955049331965&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=108403850228012&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2004-119.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/11139 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200403-03.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-465 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/465542 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-120.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-121.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-139.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9899 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2004/0012 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15509 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firewall_services_module | * | |
| cisco | firewall_services_module | 1.1.2 | |
| cisco | firewall_services_module | 1.1.3 | |
| cisco | firewall_services_module | 1.1_\(3.005\) | |
| cisco | firewall_services_module | 2.1_\(0.208\) | |
| hp | aaa_server | * | |
| hp | apache-based_web_server | 2.0.43.00 | |
| hp | apache-based_web_server | 2.0.43.04 | |
| symantec | clientless_vpn_gateway_4400 | 5.0 | |
| cisco | ciscoworks_common_management_foundation | 2.1 | |
| cisco | ciscoworks_common_services | 2.2 | |
| avaya | converged_communications_server | 2.0 | |
| avaya | sg200 | 4.4 | |
| avaya | sg200 | 4.31.29 | |
| avaya | sg203 | 4.4 | |
| avaya | sg203 | 4.31.29 | |
| avaya | sg208 | * | |
| avaya | sg208 | 4.4 | |
| avaya | sg5 | 4.2 | |
| avaya | sg5 | 4.3 | |
| avaya | sg5 | 4.4 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x_server | 10.3.3 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.2 | |
| freebsd | freebsd | 5.2.1 | |
| hp | hp-ux | 8.05 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.23 | |
| openbsd | openbsd | 3.3 | |
| openbsd | openbsd | 3.4 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 | |
| redhat | linux | 8.0 | |
| sco | openserver | 5.0.6 | |
| sco | openserver | 5.0.7 | |
| cisco | ios | 12.1\(11\)e | |
| cisco | ios | 12.1\(11b\)e | |
| cisco | ios | 12.1\(11b\)e12 | |
| cisco | ios | 12.1\(11b\)e14 | |
| cisco | ios | 12.1\(13\)e9 | |
| cisco | ios | 12.1\(19\)e1 | |
| cisco | ios | 12.2\(14\)sy | |
| cisco | ios | 12.2\(14\)sy1 | |
| cisco | ios | 12.2sy | |
| cisco | ios | 12.2za | |
| 4d | webstar | 4.0 | |
| 4d | webstar | 5.2 | |
| 4d | webstar | 5.2.1 | |
| 4d | webstar | 5.2.2 | |
| 4d | webstar | 5.2.3 | |
| 4d | webstar | 5.2.4 | |
| 4d | webstar | 5.3 | |
| 4d | webstar | 5.3.1 | |
| avaya | intuity_audix | * | |
| avaya | intuity_audix | 5.1.46 | |
| avaya | intuity_audix | s3210 | |
| avaya | intuity_audix | s3400 | |
| avaya | vsu | 5 | |
| avaya | vsu | 5x | |
| avaya | vsu | 100_r2.0.1 | |
| avaya | vsu | 500 | |
| avaya | vsu | 2000_r2.0.1 | |
| avaya | vsu | 5000_r2.0.1 | |
| avaya | vsu | 7500_r2.0.1 | |
| avaya | vsu | 10000_r2.0.1 | |
| checkpoint | firewall-1 | * | |
| checkpoint | firewall-1 | 2.0 | |
| checkpoint | firewall-1 | next_generation_fp0 | |
| checkpoint | firewall-1 | next_generation_fp1 | |
| checkpoint | firewall-1 | next_generation_fp2 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | vpn-1 | next_generation | |
| checkpoint | vpn-1 | next_generation_fp0 | |
| checkpoint | vpn-1 | next_generation_fp1 | |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence | |
| cisco | access_registrar | * | |
| cisco | application_and_content_networking_software | * | |
| cisco | css_secure_content_accelerator | 1.0 | |
| cisco | css_secure_content_accelerator | 2.0 | |
| cisco | css11000_content_services_switch | * | |
| cisco | okena_stormwatch | 3.2 | |
| cisco | pix_firewall | 6.2.2_.111 | |
| cisco | threat_response | * | |
| cisco | webns | 6.10 | |
| cisco | webns | 6.10_b4 | |
| cisco | webns | 7.1_0.1.02 | |
| cisco | webns | 7.1_0.2.06 | |
| cisco | webns | 7.2_0.0.03 | |
| cisco | webns | 7.10 | |
| cisco | webns | 7.10_.0.06s | |
| dell | bsafe_ssl-j | 3.0 | |
| dell | bsafe_ssl-j | 3.0.1 | |
| dell | bsafe_ssl-j | 3.1 | |
| hp | wbem | a.01.05.08 | |
| hp | wbem | a.02.00.00 | |
| hp | wbem | a.02.00.01 | |
| lite | speed_technologies_litespeed_web_server | 1.0.1 | |
| lite | speed_technologies_litespeed_web_server | 1.0.2 | |
| lite | speed_technologies_litespeed_web_server | 1.0.3 | |
| lite | speed_technologies_litespeed_web_server | 1.1 | |
| lite | speed_technologies_litespeed_web_server | 1.1.1 | |
| lite | speed_technologies_litespeed_web_server | 1.2.1 | |
| lite | speed_technologies_litespeed_web_server | 1.2.2 | |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 | |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 | |
| lite | speed_technologies_litespeed_web_server | 1.3 | |
| lite | speed_technologies_litespeed_web_server | 1.3.1 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 | |
| neoteris | instant_virtual_extranet | 3.0 | |
| neoteris | instant_virtual_extranet | 3.1 | |
| neoteris | instant_virtual_extranet | 3.2 | |
| neoteris | instant_virtual_extranet | 3.3 | |
| neoteris | instant_virtual_extranet | 3.3.1 | |
| novell | edirectory | 8.0 | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | imanager | 1.5 | |
| novell | imanager | 2.0 | |
| openssl | openssl | 0.9.6c | |
| openssl | openssl | 0.9.6d | |
| openssl | openssl | 0.9.6e | |
| openssl | openssl | 0.9.6f | |
| openssl | openssl | 0.9.6g | |
| openssl | openssl | 0.9.6h | |
| openssl | openssl | 0.9.6i | |
| openssl | openssl | 0.9.6j | |
| openssl | openssl | 0.9.6k | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7a | |
| openssl | openssl | 0.9.7b | |
| openssl | openssl | 0.9.7c | |
| redhat | openssl | 0.9.6-15 | |
| redhat | openssl | 0.9.6b-3 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| sgi | propack | 3.0 | |
| stonesoft | servercluster | 2.5 | |
| stonesoft | servercluster | 2.5.2 | |
| stonesoft | stonebeat_fullcluster | 1_2.0 | |
| stonesoft | stonebeat_fullcluster | 1_3.0 | |
| stonesoft | stonebeat_fullcluster | 2.0 | |
| stonesoft | stonebeat_fullcluster | 2.5 | |
| stonesoft | stonebeat_fullcluster | 3.0 | |
| stonesoft | stonebeat_securitycluster | 2.0 | |
| stonesoft | stonebeat_securitycluster | 2.5 | |
| stonesoft | stonebeat_webcluster | 2.0 | |
| stonesoft | stonebeat_webcluster | 2.5 | |
| stonesoft | stonegate | 1.5.17 | |
| stonesoft | stonegate | 1.5.18 | |
| stonesoft | stonegate | 1.6.2 | |
| stonesoft | stonegate | 1.6.3 | |
| stonesoft | stonegate | 1.7 | |
| stonesoft | stonegate | 1.7.1 | |
| stonesoft | stonegate | 1.7.2 | |
| stonesoft | stonegate | 2.0.1 | |
| stonesoft | stonegate | 2.0.4 | |
| stonesoft | stonegate | 2.0.5 | |
| stonesoft | stonegate | 2.0.6 | |
| stonesoft | stonegate | 2.0.7 | |
| stonesoft | stonegate | 2.0.8 | |
| stonesoft | stonegate | 2.0.9 | |
| stonesoft | stonegate | 2.1 | |
| stonesoft | stonegate | 2.2 | |
| stonesoft | stonegate | 2.2.1 | |
| stonesoft | stonegate | 2.2.4 | |
| stonesoft | stonegate_vpn_client | 1.7 | |
| stonesoft | stonegate_vpn_client | 1.7.2 | |
| stonesoft | stonegate_vpn_client | 2.0 | |
| stonesoft | stonegate_vpn_client | 2.0.7 | |
| stonesoft | stonegate_vpn_client | 2.0.8 | |
| stonesoft | stonegate_vpn_client | 2.0.9 | |
| tarantella | tarantella_enterprise | 3.20 | |
| tarantella | tarantella_enterprise | 3.30 | |
| tarantella | tarantella_enterprise | 3.40 | |
| vmware | gsx_server | 2.0 | |
| vmware | gsx_server | 2.0.1_build_2129 | |
| vmware | gsx_server | 2.5.1 | |
| vmware | gsx_server | 2.5.1_build_5336 | |
| vmware | gsx_server | 3.0_build_7592 | |
| avaya | s8300 | r2.0.0 | |
| avaya | s8300 | r2.0.1 | |
| avaya | s8500 | r2.0.0 | |
| avaya | s8500 | r2.0.1 | |
| avaya | s8700 | r2.0.0 | |
| avaya | s8700 | r2.0.1 | |
| bluecoat | proxysg | * | |
| cisco | call_manager | * | |
| cisco | content_services_switch_11500 | * | |
| cisco | gss_4480_global_site_selector | * | |
| cisco | gss_4490_global_site_selector | * | |
| cisco | mds_9000 | * | |
| cisco | secure_content_accelerator | 10000 | |
| securecomputing | sidewinder | 5.2 | |
| securecomputing | sidewinder | 5.2.0.01 | |
| securecomputing | sidewinder | 5.2.0.02 | |
| securecomputing | sidewinder | 5.2.0.03 | |
| securecomputing | sidewinder | 5.2.0.04 | |
| securecomputing | sidewinder | 5.2.1 | |
| securecomputing | sidewinder | 5.2.1.02 | |
| sun | crypto_accelerator_4000 | 1.0 | |
| bluecoat | cacheos_ca_sa | 4.1.10 | |
| bluecoat | cacheos_ca_sa | 4.1.12 | |
| cisco | pix_firewall_software | 6.0 | |
| cisco | pix_firewall_software | 6.0\(1\) | |
| cisco | pix_firewall_software | 6.0\(2\) | |
| cisco | pix_firewall_software | 6.0\(3\) | |
| cisco | pix_firewall_software | 6.0\(4\) | |
| cisco | pix_firewall_software | 6.0\(4.101\) | |
| cisco | pix_firewall_software | 6.1 | |
| cisco | pix_firewall_software | 6.1\(1\) | |
| cisco | pix_firewall_software | 6.1\(2\) | |
| cisco | pix_firewall_software | 6.1\(3\) | |
| cisco | pix_firewall_software | 6.1\(4\) | |
| cisco | pix_firewall_software | 6.1\(5\) | |
| cisco | pix_firewall_software | 6.2 | |
| cisco | pix_firewall_software | 6.2\(1\) | |
| cisco | pix_firewall_software | 6.2\(2\) | |
| cisco | pix_firewall_software | 6.2\(3\) | |
| cisco | pix_firewall_software | 6.2\(3.100\) | |
| cisco | pix_firewall_software | 6.3 | |
| cisco | pix_firewall_software | 6.3\(1\) | |
| cisco | pix_firewall_software | 6.3\(2\) | |
| cisco | pix_firewall_software | 6.3\(3.102\) | |
| cisco | pix_firewall_software | 6.3\(3.109\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*",
"matchCriteriaId": "C48F4DF4-8091-45D0-9F80-F760500B1202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
},
{
"lang": "es",
"value": "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS."
}
],
"id": "CVE-2004-0081",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication | ||
| cve@mitre.org | http://www.osvdb.org/4420 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5471 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4420 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5471 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the \"OPSEC Authentication Vulnerability.\""
}
],
"id": "CVE-2000-0807",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4420"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5471"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-27 01:04
Modified
2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/21200 | ||
| cve@mitre.org | http://securityreason.com/securityalert/1290 | ||
| cve@mitre.org | http://securitytracker.com/id?1016563 | ||
| cve@mitre.org | http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/440990/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/441495/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/19136 | Exploit, Patch | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/2965 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/27937 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21200 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/1290 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016563 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/440990/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/441495/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/19136 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2965 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/27937 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | r55w | |
| checkpoint | firewall-1 | r55w | |
| checkpoint | firewall-1 | r55w |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:*:*:*:*:*:*:*",
"matchCriteriaId": "1975FDD7-C643-4B85-8238-723CADFCE227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa1:*:*:*:*:*:*",
"matchCriteriaId": "B0A5C0EC-E233-477F-8F4E-6E65C9284DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa2:*:*:*:*:*:*",
"matchCriteriaId": "A55D2D38-3D40-4163-B5A2-2186612C0AB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elecci\u00f3n mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264."
}
],
"id": "CVE-2006-3885",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-27T01:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/21200"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1290"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016563"
},
{
"source": "cve@mitre.org",
"url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/19136"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2965"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/21200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/19136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107604682227031&w=2 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-073.shtml | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/873334 | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.osvdb.org/3821 | ||
| cve@mitre.org | http://www.osvdb.org/4432 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/9582 | Patch, Vendor Advisory | |
| cve@mitre.org | http://xforce.iss.net/xforce/alerts/id/163 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/14150 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107604682227031&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-073.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/873334 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/3821 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/4432 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9582 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/163 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/14150 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | next_generation_fp0 | |
| checkpoint | firewall-1 | next_generation_fp1 | |
| checkpoint | vpn-1 | 4.1 | |
| checkpoint | vpn-1 | next_generation_fp0 | |
| checkpoint | vpn-1 | next_generation_fp1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "997ABD78-6DF8-440C-B90A-E5CD7C6ACA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "60536AAF-76BC-4773-98FA-5F01E2D231FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1E4206C4-05A7-46D1-90C7-6BA7744C7AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp5a:*:*:*:*:*:*",
"matchCriteriaId": "B78091F6-C3A7-4842-B555-D7ECC080E565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp5a:*:*:*:*:*:*",
"matchCriteriaId": "610F8305-9CD7-48F2-9F2E-2CDECD623DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en la pila en Checkpoint VPN-1 Server 4.1 a 4.1 SP6 y Checkpoint SecuRemote/SecureClient 4.1 a 4.1 compilaci\u00f3n 4200 pemite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un paquete ISAKMP con un paquete de Petici\u00f3n de Certificado muy grande."
}
],
"id": "CVE-2004-0040",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3821"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9582"
},
{
"source": "cve@mitre.org",
"url": "http://xforce.iss.net/xforce/alerts/id/163"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xforce.iss.net/xforce/alerts/id/163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-07-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/ike_vpn.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/10273 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16060 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/ike_vpn.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10273 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16060 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | * | |
| checkpoint | firewall-1 | 2.0 | |
| checkpoint | firewall-1 | 2.0.1 | |
| checkpoint | next_generation | * | |
| checkpoint | ng-ai | r54 | |
| checkpoint | ng-ai | r55 | |
| checkpoint | vpn-1 | vsx_2.0.1 | |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0.1:*:vsx:*:*:*:*:*",
"matchCriteriaId": "E77F0C13-C65F-44DC-BD5D-A8F5CBF33F07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:next_generation:*:*:fp3:*:*:*:*:*",
"matchCriteriaId": "148E888C-9705-4015-ADF2-5863715D8041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:ng-ai:r54:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E1C23E-E495-4724-92AB-E1AB425FBB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:ng-ai:r55:*:*:*:*:*:*:*",
"matchCriteriaId": "60BC085B-508F-460F-8BE5-0B2842123DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5F3217-844F-41BB-8A7F-1D2F4445F3FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funcionalidad ISAKMP de los productos Check Point VPN-1 y FireWall-1 NG, anteriores a VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 y NG FP3 HFA-325, o VPN-1 SecuRemote/SecureClient R56, puede permitir a atacantes remotos ejecutar c\u00f3digo arbitrario mediane una negociaci\u00f3n de tunel VPN."
}
],
"id": "CVE-2004-0469",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.checkpoint.com/techsupport/alerts/ike_vpn.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10273"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.checkpoint.com/techsupport/alerts/ike_vpn.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16060"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://ciac.llnl.gov/ciac/bulletins/l-109.shtml | ||
| cve@mitre.org | http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1 | ||
| cve@mitre.org | http://www.cert.org/advisories/CA-2001-17.html | US Government Resource | |
| cve@mitre.org | http://www.checkpoint.com/techsupport/alerts/rdp.html | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/310295 | US Government Resource | |
| cve@mitre.org | http://www.osvdb.org/1884 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/2952 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/6815 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ciac.llnl.gov/ciac/bulletins/l-109.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2001-17.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.checkpoint.com/techsupport/alerts/rdp.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/310295 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1884 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/2952 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/6815 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1_build_41439 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A7ED9A2-3996-4ABE-B0EF-92ACF6C8A38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1_build_41439:*:*:*:*:*:*:*",
"matchCriteriaId": "188CAD33-68AB-459F-BD09-47081563B2C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts."
}
],
"id": "CVE-2001-1158",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html"
},
{
"source": "cve@mitre.org",
"url": "http://ciac.llnl.gov/ciac/bulletins/l-109.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/cgi-bin/archive.pl?id=1\u0026start=2002-03-11\u0026end=2002-03-17\u0026mid=195647\u0026threads=1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-17.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.checkpoint.com/techsupport/alerts/rdp.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/310295"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1884"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2952"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ciac.llnl.gov/ciac/bulletins/l-109.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/cgi-bin/archive.pl?id=1\u0026start=2002-03-11\u0026end=2002-03-17\u0026mid=195647\u0026threads=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.checkpoint.com/techsupport/alerts/rdp.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/310295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6815"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc | Broken Link | |
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc | Broken Link | |
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | Broken Link | |
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | Broken Link | |
| cve@mitre.org | http://docs.info.apple.com/article.html?artnum=61798 | Broken Link | |
| cve@mitre.org | http://fedoranews.org/updates/FEDORA-2004-095.shtml | Third Party Advisory | |
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html | Mailing List | |
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html | Mailing List | |
| cve@mitre.org | http://lists.apple.com/mhonarc/security-announce/msg00045.html | Broken Link | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107953412903636&w=2 | Mailing List | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=108403806509920&w=2 | Mailing List | |
| cve@mitre.org | http://secunia.com/advisories/11139 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/17381 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/17398 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/17401 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/18247 | Broken Link | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200403-03.xml | Third Party Advisory | |
| cve@mitre.org | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | Broken Link | |
| cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm | Third Party Advisory | |
| cve@mitre.org | http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US | Broken Link | |
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-101.shtml | Broken Link | |
| cve@mitre.org | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | Broken Link | |
| cve@mitre.org | http://www.debian.org/security/2004/dsa-465 | Third Party Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/288574 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html | Broken Link | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 | Third Party Advisory | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2004_07_openssl.html | Broken Link | |
| cve@mitre.org | http://www.openssl.org/news/secadv_20040317.txt | Third Party Advisory | |
| cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html | Mailing List | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-120.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-121.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-139.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-829.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-830.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/9899 | Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory | |
| cve@mitre.org | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 | Broken Link | |
| cve@mitre.org | http://www.trustix.org/errata/2004/0012 | Broken Link | |
| cve@mitre.org | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | Broken Link | |
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | Broken Link, Third Party Advisory, US Government Resource | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15505 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975 | Broken Link | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://docs.info.apple.com/article.html?artnum=61798 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/updates/FEDORA-2004-095.shtml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/mhonarc/security-announce/msg00045.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107953412903636&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=108403806509920&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/11139 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17381 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17398 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17401 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18247 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200403-03.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-101.shtml | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-465 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/288574 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2004_07_openssl.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openssl.org/news/secadv_20040317.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-120.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-121.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-139.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-829.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-830.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9899 | Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2004/0012 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.uniras.gov.uk/vuls/2004/224012/index.htm | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA04-078A.html | Broken Link, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15505 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firewall_services_module | * | |
| cisco | firewall_services_module | 1.1.2 | |
| cisco | firewall_services_module | 1.1.3 | |
| cisco | firewall_services_module | 1.1_\(3.005\) | |
| cisco | firewall_services_module | 2.1_\(0.208\) | |
| hp | aaa_server | * | |
| hp | apache-based_web_server | 2.0.43.00 | |
| hp | apache-based_web_server | 2.0.43.04 | |
| symantec | clientless_vpn_gateway_4400 | 5.0 | |
| cisco | ciscoworks_common_management_foundation | 2.1 | |
| cisco | ciscoworks_common_services | 2.2 | |
| avaya | converged_communications_server | 2.0 | |
| avaya | sg200 | 4.4 | |
| avaya | sg200 | 4.31.29 | |
| avaya | sg203 | 4.4 | |
| avaya | sg203 | 4.31.29 | |
| avaya | sg208 | * | |
| avaya | sg208 | 4.4 | |
| avaya | sg5 | 4.2 | |
| avaya | sg5 | 4.3 | |
| avaya | sg5 | 4.4 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x_server | 10.3.3 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.2 | |
| freebsd | freebsd | 5.2.1 | |
| hp | hp-ux | 8.05 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.23 | |
| openbsd | openbsd | 3.3 | |
| openbsd | openbsd | 3.4 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 | |
| redhat | linux | 8.0 | |
| sco | openserver | 5.0.6 | |
| sco | openserver | 5.0.7 | |
| cisco | ios | 12.1\(11\)e | |
| cisco | ios | 12.1\(11b\)e | |
| cisco | ios | 12.1\(11b\)e12 | |
| cisco | ios | 12.1\(11b\)e14 | |
| cisco | ios | 12.1\(13\)e9 | |
| cisco | ios | 12.1\(19\)e1 | |
| cisco | ios | 12.2\(14\)sy | |
| cisco | ios | 12.2\(14\)sy1 | |
| cisco | ios | 12.2sy | |
| cisco | ios | 12.2za | |
| 4d | webstar | 4.0 | |
| 4d | webstar | 5.2 | |
| 4d | webstar | 5.2.1 | |
| 4d | webstar | 5.2.2 | |
| 4d | webstar | 5.2.3 | |
| 4d | webstar | 5.2.4 | |
| 4d | webstar | 5.3 | |
| 4d | webstar | 5.3.1 | |
| avaya | intuity_audix | * | |
| avaya | intuity_audix | 5.1.46 | |
| avaya | intuity_audix | s3210 | |
| avaya | intuity_audix | s3400 | |
| avaya | vsu | 5 | |
| avaya | vsu | 5x | |
| avaya | vsu | 100_r2.0.1 | |
| avaya | vsu | 500 | |
| avaya | vsu | 2000_r2.0.1 | |
| avaya | vsu | 5000_r2.0.1 | |
| avaya | vsu | 7500_r2.0.1 | |
| avaya | vsu | 10000_r2.0.1 | |
| checkpoint | firewall-1 | * | |
| checkpoint | firewall-1 | 2.0 | |
| checkpoint | firewall-1 | next_generation_fp0 | |
| checkpoint | firewall-1 | next_generation_fp1 | |
| checkpoint | firewall-1 | next_generation_fp2 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | provider-1 | 4.1 | |
| checkpoint | vpn-1 | next_generation_fp0 | |
| checkpoint | vpn-1 | next_generation_fp1 | |
| checkpoint | vpn-1 | next_generation_fp2 | |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence | |
| cisco | access_registrar | * | |
| cisco | application_and_content_networking_software | * | |
| cisco | css_secure_content_accelerator | 1.0 | |
| cisco | css_secure_content_accelerator | 2.0 | |
| cisco | css11000_content_services_switch | * | |
| cisco | okena_stormwatch | 3.2 | |
| cisco | pix_firewall | 6.2.2_.111 | |
| cisco | threat_response | * | |
| cisco | webns | 6.10 | |
| cisco | webns | 6.10_b4 | |
| cisco | webns | 7.1_0.1.02 | |
| cisco | webns | 7.1_0.2.06 | |
| cisco | webns | 7.2_0.0.03 | |
| cisco | webns | 7.10 | |
| cisco | webns | 7.10_.0.06s | |
| dell | bsafe_ssl-j | 3.0 | |
| dell | bsafe_ssl-j | 3.0.1 | |
| dell | bsafe_ssl-j | 3.1 | |
| hp | wbem | a.01.05.08 | |
| hp | wbem | a.02.00.00 | |
| hp | wbem | a.02.00.01 | |
| lite | speed_technologies_litespeed_web_server | 1.0.1 | |
| lite | speed_technologies_litespeed_web_server | 1.0.2 | |
| lite | speed_technologies_litespeed_web_server | 1.0.3 | |
| lite | speed_technologies_litespeed_web_server | 1.1 | |
| lite | speed_technologies_litespeed_web_server | 1.1.1 | |
| lite | speed_technologies_litespeed_web_server | 1.2.1 | |
| lite | speed_technologies_litespeed_web_server | 1.2.2 | |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 | |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 | |
| lite | speed_technologies_litespeed_web_server | 1.3 | |
| lite | speed_technologies_litespeed_web_server | 1.3.1 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 | |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 | |
| neoteris | instant_virtual_extranet | 3.0 | |
| neoteris | instant_virtual_extranet | 3.1 | |
| neoteris | instant_virtual_extranet | 3.2 | |
| neoteris | instant_virtual_extranet | 3.3 | |
| neoteris | instant_virtual_extranet | 3.3.1 | |
| novell | edirectory | 8.0 | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | imanager | 1.5 | |
| novell | imanager | 2.0 | |
| openssl | openssl | 0.9.6c | |
| openssl | openssl | 0.9.6d | |
| openssl | openssl | 0.9.6e | |
| openssl | openssl | 0.9.6f | |
| openssl | openssl | 0.9.6g | |
| openssl | openssl | 0.9.6h | |
| openssl | openssl | 0.9.6i | |
| openssl | openssl | 0.9.6j | |
| openssl | openssl | 0.9.6k | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7a | |
| openssl | openssl | 0.9.7b | |
| openssl | openssl | 0.9.7c | |
| redhat | openssl | 0.9.6-15 | |
| redhat | openssl | 0.9.6b-3 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| redhat | openssl | 0.9.7a-2 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| sgi | propack | 3.0 | |
| stonesoft | servercluster | 2.5 | |
| stonesoft | servercluster | 2.5.2 | |
| stonesoft | stonebeat_fullcluster | 1_2.0 | |
| stonesoft | stonebeat_fullcluster | 1_3.0 | |
| stonesoft | stonebeat_fullcluster | 2.0 | |
| stonesoft | stonebeat_fullcluster | 2.5 | |
| stonesoft | stonebeat_fullcluster | 3.0 | |
| stonesoft | stonebeat_securitycluster | 2.0 | |
| stonesoft | stonebeat_securitycluster | 2.5 | |
| stonesoft | stonebeat_webcluster | 2.0 | |
| stonesoft | stonebeat_webcluster | 2.5 | |
| stonesoft | stonegate | 1.5.17 | |
| stonesoft | stonegate | 1.5.18 | |
| stonesoft | stonegate | 1.6.2 | |
| stonesoft | stonegate | 1.6.3 | |
| stonesoft | stonegate | 1.7 | |
| stonesoft | stonegate | 1.7.1 | |
| stonesoft | stonegate | 1.7.2 | |
| stonesoft | stonegate | 2.0.1 | |
| stonesoft | stonegate | 2.0.4 | |
| stonesoft | stonegate | 2.0.5 | |
| stonesoft | stonegate | 2.0.6 | |
| stonesoft | stonegate | 2.0.7 | |
| stonesoft | stonegate | 2.0.8 | |
| stonesoft | stonegate | 2.0.9 | |
| stonesoft | stonegate | 2.1 | |
| stonesoft | stonegate | 2.2 | |
| stonesoft | stonegate | 2.2.1 | |
| stonesoft | stonegate | 2.2.4 | |
| stonesoft | stonegate_vpn_client | 1.7 | |
| stonesoft | stonegate_vpn_client | 1.7.2 | |
| stonesoft | stonegate_vpn_client | 2.0 | |
| stonesoft | stonegate_vpn_client | 2.0.7 | |
| stonesoft | stonegate_vpn_client | 2.0.8 | |
| stonesoft | stonegate_vpn_client | 2.0.9 | |
| tarantella | tarantella_enterprise | 3.20 | |
| tarantella | tarantella_enterprise | 3.30 | |
| tarantella | tarantella_enterprise | 3.40 | |
| vmware | gsx_server | 2.0 | |
| vmware | gsx_server | 2.0.1_build_2129 | |
| vmware | gsx_server | 2.5.1 | |
| vmware | gsx_server | 2.5.1_build_5336 | |
| vmware | gsx_server | 3.0_build_7592 | |
| avaya | s8300 | r2.0.0 | |
| avaya | s8300 | r2.0.1 | |
| avaya | s8500 | r2.0.0 | |
| avaya | s8500 | r2.0.1 | |
| avaya | s8700 | r2.0.0 | |
| avaya | s8700 | r2.0.1 | |
| bluecoat | proxysg | * | |
| cisco | call_manager | * | |
| cisco | content_services_switch_11500 | * | |
| cisco | gss_4480_global_site_selector | * | |
| cisco | gss_4490_global_site_selector | * | |
| cisco | mds_9000 | * | |
| cisco | secure_content_accelerator | 10000 | |
| securecomputing | sidewinder | 5.2 | |
| securecomputing | sidewinder | 5.2.0.01 | |
| securecomputing | sidewinder | 5.2.0.02 | |
| securecomputing | sidewinder | 5.2.0.03 | |
| securecomputing | sidewinder | 5.2.0.04 | |
| securecomputing | sidewinder | 5.2.1 | |
| securecomputing | sidewinder | 5.2.1.02 | |
| sun | crypto_accelerator_4000 | 1.0 | |
| bluecoat | cacheos_ca_sa | 4.1.10 | |
| bluecoat | cacheos_ca_sa | 4.1.12 | |
| cisco | pix_firewall_software | 6.0 | |
| cisco | pix_firewall_software | 6.0\(1\) | |
| cisco | pix_firewall_software | 6.0\(2\) | |
| cisco | pix_firewall_software | 6.0\(3\) | |
| cisco | pix_firewall_software | 6.0\(4\) | |
| cisco | pix_firewall_software | 6.0\(4.101\) | |
| cisco | pix_firewall_software | 6.1 | |
| cisco | pix_firewall_software | 6.1\(1\) | |
| cisco | pix_firewall_software | 6.1\(2\) | |
| cisco | pix_firewall_software | 6.1\(3\) | |
| cisco | pix_firewall_software | 6.1\(4\) | |
| cisco | pix_firewall_software | 6.1\(5\) | |
| cisco | pix_firewall_software | 6.2 | |
| cisco | pix_firewall_software | 6.2\(1\) | |
| cisco | pix_firewall_software | 6.2\(2\) | |
| cisco | pix_firewall_software | 6.2\(3\) | |
| cisco | pix_firewall_software | 6.2\(3.100\) | |
| cisco | pix_firewall_software | 6.3 | |
| cisco | pix_firewall_software | 6.3\(1\) | |
| cisco | pix_firewall_software | 6.3\(2\) | |
| cisco | pix_firewall_software | 6.3\(3.102\) | |
| cisco | pix_firewall_software | 6.3\(3.109\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
},
{
"lang": "es",
"value": "La funci\u00f3n do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (ca\u00edda) mediante una h\u00e1bil uni\u00f3n SSL/TLS que provoca un puntero nulo."
}
],
"id": "CVE-2004-0079",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17381"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17398"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17401"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/18247"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/18247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-09-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/212824 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/3300 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7094 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/212824 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3300 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7094 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | 3.0 | |
| checkpoint | firewall-1 | 4.0 | |
| checkpoint | firewall-1 | 4.1 | |
| checkpoint | firewall-1 | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C18E-F07A-4A05-87F0-B1D52FDC401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543272-8C7E-4326-BA97-142FBEA641E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "100F03E3-1538-47AF-9CA6-E9E5C1DF05D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AFCB5D3D-E8C6-43CE-A1D4-7F46519E9893",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable."
}
],
"id": "CVE-2001-1102",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-09-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/212824"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3300"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/212824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7094"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | firewall-1 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85711114-A402-4B53-AA91-DC66937606F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264."
}
],
"id": "CVE-2000-1201",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}