Check Point response to CVE-2025-32728 - The SSH directive "DisableForwarding" fails to disable "X11 Forwarding" and "Agent Forwarding"
Symptoms - A flaw was found in OpenSSH - in affected versions of SSHD, the directive "DisableForwarding" does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and Agent forwarding, which may allow unintended access under certain configurations...
Preventative Hotfix for CVE-2024-24919 - Quantum Gateway Information Disclosure
Solution: This article refers to Quantum Security Gateways running Gaia OS and CloudGuard Network Security. For Quantum Spark Gateways that run a Gaia Embedded OS, see sk182357. Following our security update on May 27, 2024, Check Point's dedicated task force continues investigating attempts to ga...
Check Point Response to Docker Desktop Vulnerabilities
Solution: This article provides the Check Point response to Docker Desktop vulnerabilities that various vulnerability scanners may show when testing a Check Point Security Gateway / Management Server / Log Server. To exploit a Docker Desktop vulnerability, a malicious actor must have local access on...
CVE-2021-30361
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS...
Check Point Gaia Operating System Open Interfaces With Default Password (sk145612)
The remote host is running a version of Gaia Operating System that is vulnerable to attacks after a CPUSE clean install and before completing the First Time Wizard. This is due to the administrator password being reset during the CPUSE clean installation process without also resetting interface...
Check Point Gaia Operating System Administrator password truncation (sk155172)
The remote host is running a version of the Gaia Operating System which is affected by a vulnerability. Administrators who set their password while firmware R77.20.85, R77.20.86 or R77.20.87 Build 990172921 were installed can authenticate to the SMB appliance using only the first 8 characters. Th...
Check Point Gaia Operating Remote Heap Buffer Overflow (sk104443)(GHOST)
The remote host is running a version of Gaia OS which is affected by a heap buffer overflow vulnerability in glibc which could potentially allow an attacker to execute arbitrary code in the context of the user running the affected application.
Check Point Gaia Operating System Multiple Vulnerabilities (sk106499)
The remote host is running a version of Gaia OS which is affected by multiple vulnerabilities: an out-of-bounds read denial of service vulnerability in OpenSSL (CVE-2015-1789); an information disclosure weakness in the RC4 algorithm as used in SSL/TLS (CVE-2015-2808).
Check Point Gaia Operating System VM escape and code execution (sk106060)(VENOM)
The remote host is running a version of Gaia OS which is affected by a vulnerability in the virtual floppy drive code which may allow an attacker to escape a virtualized environment and obtain code execution on the underlying host.
Check Point Gaia Operating Security and Stability Update (sk100431)
The remote host is running a version of Gaia OS which is affected by an issue where system stability may be affected by certain traffic conditions.
Check Point Gaia Operating System Threat Emulation Email Scan Bypass (sk96269)
The remote host is running a version of Gaia OS which is affected by an issue where email may bypass scanning by the Threat Emulation blade.
Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)
...
Design/Logic Flaw
The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO OS 6.2 R75.X and R76 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial ...