Advisory CA-2001-17

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-17 Check Point RDP Bypass Vulnerability Original release date: July 09, 2001 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Check Point VPN-1 and FireWall-1 Version 4.1 Overview A...

CVE-2001-1158

Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, acceptfw1rdp, which can allow remote attackers to bypass intended restrictions with forged RDP internal protocol headers to UDP port 259 of arbitrary hosts...

CVE-2001-0428

Cisco VPN 3000 series concentrators before 2.5.2F allow remote attackers to cause a denial of service via an IP packet with an invalid IP option...

CVE-2001-0427

Cisco VPN 3000 series concentrators before 2.5.2F allow remote attackers to cause a denial of service via a flood of invalid login requests to 1 the SSL service, or 2 the telnet service, which do not properly disconnect the user after several failed login attempts...

Novell BorderManager 3.5 VPN Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Date Published: April 20th 2001 Advisory ID: HI200101 Bugtraq ID: 2623 CVE CAN: N/A Title: Novell BorderManager 3.5 VPN Denial of Service Class: Denial of Service Remotely Exploitable: yes Locally Exploitable: yes Vulnerability Description: Novell...

DoS против Cisco VPN 3000 (ip option)

Исопльзуя некорректные ip options можно вызвать отказ маршрутизатора в пределах локального сегмента...

Security Advisory: Cisco VPN3000 Concentrator IP Options Vulnerabil

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: VPN 3000 Concentrator IP Options Vulnerability ============================================================================= Revision 1.0 For Public Release 2001 April 12 at 1500 UTC...

VPN 3000 Concentrator IP Options Vulnerability

...

X4000 DoS: Details and workaround

System affected: --------------- BinTec X4000 Router All firmware versions as far as I know, only verified with latest release 5.1.6 Patch 10 Machines with activated additional VPN software license are NOT affected, neither are machines which filter 1723/tcp. Description: ----------- As mentioned...

Cisco Security Advisory: Cisco Catalyst SSH Protocol Mismatch Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: VPN3000 Concentrator TELNET Vulnerability ========================================================================== Revision 1.0 For Public Release 2001 March 28 08:00 UTC -0800...

Cisco PIX Security Notes

Cisco PIX Notes -- Introduction This is a simples paper on which i wrote down some note about "Cisco PIX Firewall" so it isn't well organized or talk specifically about a vulnerability . All test it's about THE latest pix release on this pix: Cisco Secure PIX Firewall Version 5.31 Hardware: SE442...

Cisco PIX Security Notes

Cisco PIX Notes -- Introduction This is a simples paper on which i wrote down some note about "Cisco PIX Firewall" so it isn't well organized or talk specifically about a vulnerability . All test it's about THE latest pix release on this pix: Cisco Secure PIX Firewall Version 5.31 Hardware: SE442...

PPTP Detection

The remote host is running a PPTP Point-to-Point Tunneling Protocol server. It allows users to set up a tunnel between their host and the network the remote host is attached to. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10622; scriptversion "1.26";...

Nortel CES (3DES version) offers false sense of security when using IPSEC

Short summary: Nortel Networks Contivity Extranet Switch CES has a weakness in it's IPSEC key exchange when using 3DES encryption. The 3DES encryption keys are encrypted using single DES during initial key exchange thus reducing cryptographic strength to 56-bit DES level. The weakness affects bot...

CVE-2001-0082

Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets...

CVE-2001-0082

Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets...

CVE-2001-0082

Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled is affected by CVE-2001-0082. The issue allows remote attackers to bypass access restrictions by sending malformed, fragmented packets, enabling partial confidentiality, integrity, and availability impacts. The primary documents do not pr...

CVE-2000-0804

Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."...

CVE-2000-0805

Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."...

CVE-2000-0806

The inter-module authentication mechanism fwa1 in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."...