CVE-2001-1105

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure...

Check Point FireWall-1 Telnet Client Authentication Detection

The Check Point FireWall-1 Client Authentication server is used to authenticate a user via telnet. Once authenticated, the user can get more privileges on the network ie, get access to hosts that were previously blocked by the firewall. C Tenable Network Security, Inc. include"compat.inc";...

Check Point FireWall-1 HTTP Client Authentication Detection

The Check Point FireWall-1 Client Authentication web server is used to authenticate a user via HTTP. Once authenticated, the user can get more privileges on the network ie: get access to hosts which were previously blocked by the firewall. C Tenable Network Security, Inc. include"compat.inc";...

CVE-2000-1032

The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall...

CVE-2000-1032

The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall...

SSH-1 allows client authentication to be forwarded by a malicious server to another server

Overview A design flaw in the SSH-1 protocol allows a malicious server to establish two concurrent sessions with the same session ID, allowing a man-in-the-middle attack. The client must accept unknown host keys from the malicious server to enable exploitation of this vulnerability. Description...