Design/Logic Flaw

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials...

CVE-2008-0662

CVE-2008-0662 affects Check Point VPN-1 SecuRemote/SecureClient NGX for Windows (R60 and R56). The Auto Local Logon feature caches credentials in the Checkpoint\SecuRemote registry key which has Everyone/Full Control permissions, enabling local users to read and reuse credentials to gain privileg...

PT-2008-2284 · Check Point · Check Point Vpn-1 Securemote/Secureclient

Name of the Vulnerable Software and Affected Versions: Check Point VPN-1 SecuRemote/SecureClient NGX versions R56 and R60 Description: The issue concerns the Auto Local Logon feature, which caches credentials in a registry key with inadequate permissions, allowing local users to read and reuse...

SecureClient NGX R60 HFA 02 Supplement 2 protects against Auto Local Logon vulnerability (CVE-2008-0662)

...