Lucene search
K

66 matches found

OpenVAS
OpenVAS
added 2008/11/05 12:0 a.m.185 views

Check Point VPN-1 PAT Information Disclosure Vulnerability - Active Check

Check Point VPN-1 PAT is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2008 Tim Brown and Portcullis Computer Security Ltd Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5CVSS6.2AI score0.01618EPSS
Exploits2References1
NVD
NVD
added 2008/03/20 12:44 a.m.18 views

CVE-2008-1397

Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service site-to-site VPN tunnel outage, and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's...

6.5CVSS6.3AI score0.02165EPSS
Exploits1References9
Prion
Prion
added 2008/03/20 12:44 a.m.14 views

Code injection

Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service site-to-site VPN tunnel outage, and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's...

6.5CVSS6.8AI score0.02165EPSS
Exploits1References9Affected Software5
Cvelist
Cvelist
added 2008/03/20 12:0 a.m.20 views

CVE-2008-1397

Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service site-to-site VPN tunnel outage, and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's...

6.3AI score0.02165EPSS
Exploits1References9
CERT
CERT
added 2008/03/18 12:0 a.m.17 views

Check Point VPN-1 information disclosure vulnerability

Overview The Check Point VPN-1 firewall contains an information disclosure vulnerability that may allow an authenticated attacker to access data that they are not authorized to access. Description The Check Point VPN-1 is an application layer firewall that supports remote and site-to-site virtual...

6.8AI score
Exploits0References2
NVD
NVD
added 2008/03/08 12:44 a.m.17 views

CVE-2008-1208

Cross-site scripting XSS vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter...

4.3CVSS5.7AI score0.01922EPSS
Exploits0References8
Prion
Prion
added 2008/03/08 12:44 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter...

4.3CVSS6.1AI score0.01922EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2008/03/08 12:0 a.m.21 views

CVE-2008-1208

Cross-site scripting XSS vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter...

5.7AI score0.01922EPSS
Exploits0References8
Exploit DB
Exploit DB
added 2008/03/06 12:0 a.m.28 views

Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/28116/info Check Point VPN-1 UTM Edge is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

7AI score
Exploits0
exploitpack
exploitpack
added 2008/03/06 12:0 a.m.11 views

Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting

Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting source: https://www.securityfocus.com/bid/28116/info Check Point VPN-1 UTM Edge is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issu...

6.8AI score
Exploits0
Prion
Prion
added 2008/02/08 2:0 a.m.21 views

Design/Logic Flaw

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials...

7.2CVSS7.1AI score0.00337EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2008/02/08 1:0 a.m.88 views

CVE-2008-0662

CVE-2008-0662 affects Check Point VPN-1 SecuRemote/SecureClient NGX for Windows (R60 and R56). The Auto Local Logon feature caches credentials in the Checkpoint\SecuRemote registry key which has Everyone/Full Control permissions, enabling local users to read and reuse credentials to gain privileg...

7.8CVSS7.7AI score0.00337EPSS
Exploits0References8Affected Software1
seebug.org
seebug.org
added 2007/09/20 12:0 a.m.84 views

Check Point VPN-1/FireWall-1 4.1 SP2 Blocked Port Bypass Exploit

No description provided by source. / Summary A vulnerability exists in Check Point VPN-1/FireWall-1 4.1 SP2 that enables an attacker to establish connections to blocked TCP services through the firewall in certain configurations. We expect many deployed FireWall-1 installations to be immune to th...

7.1AI score
Exploits0
Prion
Prion
added 2007/06/29 6:30 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and...

9.3CVSS7.4AI score0.03285EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2007/06/29 6:30 p.m.12 views

CVE-2007-3489

Cross-site request forgery CSRF vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and...

9.3CVSS6.8AI score0.03285EPSS
Exploits0References7
CVE
CVE
added 2007/06/29 6:0 p.m.83 views

CVE-2007-3489

CVE-2007-3489 affects Check Point VPN-1 Edge X Embedded NGX 7.0.33x with CSRF in the management interface (pop/WizU.html). A remote attacker can perform privileged actions as administrators, demonstrated by a request using swuuser and swupass parameters to add an administrator account. The vulner...

9.3CVSS6.8AI score0.03285EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/06/29 6:0 p.m.19 views

CVE-2007-3489

Cross-site request forgery CSRF vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and...

6.8AI score0.03285EPSS
Exploits0References7
CVE
CVE
added 2006/01/18 2:0 a.m.49 views

CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient could allow local privilege escalation via a malicious program.exe placed in the C:\ folder, which is executed when SecureClient launches Sr_GUI.exe. Affected product: Check Point VPN-1 SecureClient. Root cause: unquoted...

7.2CVSS6.6AI score0.0034EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/01/18 2:0 a.m.18 views

CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the SrGUI.exe program...

6.5AI score0.0034EPSS
Exploits0References4
NVD
NVD
added 2006/01/18 1:51 a.m.15 views

CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the SrGUI.exe program...

7.2CVSS6.5AI score0.0034EPSS
Exploits0References4
Rows per page
Query Builder