{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6967", "history": [], "references": [], "lastseen": "2016-09-03T08:07:51", "bulletinFamily": "NVD", "title": "CVE-2006-6967", "cpe": [], "viewCount": 3, "id": "CVE-2006-6967", "hash": "cfefe12a96f7a5ab3d429f736575e58c26c73b8b372b9f33c3a7cfb4b24617be", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). In addition, it describes standard behavior (publication of revocation lists) and as such does not cross privilege boundaries. Notes: the former description is: \"Check Point FireWall-1 allows remote attackers to obtain certificate revocation lists (CRLs) and other unspecified sensitive information via an HTTP request for the top-level URI on the internal certificate authority (ICA) port (18264/tcp).\"", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2006-6967"], "scanner": [], "modified": "2009-02-26T01:23:11", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2007-02-03T19:28:00", "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2016-09-03T08:07:51"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7177"]}, {"type": "osvdb", "idList": ["OSVDB:31592"]}], "modified": "2016-09-03T08:07:51"}, "vulnersScore": 5.0}}

{"securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "description": "It's possible to retrieve certificate revocation least from internal CA (port TCP/18246).", "modified": "2007-02-04T00:00:00", "published": "2007-02-04T00:00:00", "id": "SECURITYVULNS:VULN:7177", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7177", "title": "CheckPoint FireWall-1 information leak", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:27", "bulletinFamily": "software", "description": "## Vulnerability Description\nCheck Point Firewall-1 contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when an attacker connects to port 18264 and accesses the internal certificate for the server, revealing the presence of the firewall. This may also disclose certificate revocation lists and other information resulting in a loss of confidentiality.\n## Solution Description\nCurrently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Restrict access to the Internal Certificate Authority interface to internal hosts.\n## Short Description\nCheck Point Firewall-1 contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when an attacker connects to port 18264 and accesses the internal certificate for the server, revealing the presence of the firewall. This may also disclose certificate revocation lists and other information resulting in a loss of confidentiality.\n## Manual Testing Notes\nhttp://[target]:18264/\n## References:\nVendor URL: http://www.checkpoint.com/products/firewall-1/index.html\nOther Advisory URL: http://www.nessus.org/plugins/index.php?view=single&id=22094\n[Nessus Plugin ID:22094](https://vulners.com/search?query=pluginID:22094)\nKeyword: TCP Port 18264\n[CVE-2006-6967](https://vulners.com/cve/CVE-2006-6967)\n", "modified": "2006-01-01T08:13:00", "published": "2006-01-01T08:13:00", "href": "https://vulners.com/osvdb/OSVDB:31592", "id": "OSVDB:31592", "title": "Check Point FireWall-1 Internal Certificate Authority (ICA) Information Disclosure", "type": "osvdb", "cvss": {"score": 0.0, "vector": "NONE"}}]}