CVE-2008-5994

Cross-site scripting XSS vulnerability in index.php in Check Point Connectra NGX R62 HFA01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-5994

CVE-2008-5994 is an XSS vulnerability in Check Point Connectra NGX R62 HFA_01 (index.php) exploitable via the dir parameter. The root cause is inadequate sanitization of dir, allowing remote script/HTML injection. Impact details cited show partial integrity impact with no confidentiality or avail...

CVE-2007-0471

sre/params.php in the Integrity Clientless Security ICS component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie...

CVE-2007-0471

Check Point Connectra NGX R62 3.x and earlier (before Security Hotfix 5) are affected by CVE-2007-0471 due to an issue in sre/params.php of the Integrity Clientless Security (ICS) component that lets an attacker craft a Report parameter to obtain a valid ICSCookie token and bypass security. The a...

SmartDefense Profiles Available for Users of VPN-1 NGX R62: Assigning a Profile per Gateway

The most significant enhancement in the NGX R62 release is the enablement of SmartDefense Profiles. SmartDefense Profiles expand the flexibility and granularity of security defenses, while allowing central control and management of the security infrastructure. By defining multiple SmartDefense...