Product:

Vpn\-1

(Checkpoint)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2004-11-23 CVE-2004-0112 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Stonegate, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server N/A
2004-11-23 CVE-2004-0079 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server 7.5
2004-11-23 CVE-2004-0081 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server N/A
2011-10-05 CVE-2011-1827 Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet. Connectra_ngx, Vpn\-1, Vpn\-1_firewall\-1_vsx N/A
2009-01-06 CVE-2008-5849 Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. Vpn\-1 N/A
2008-03-19 CVE-2008-1397 Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. Check_point_vpn\-1_pro, Vpn\-1, Vpn\-1_firewall\-1, Vpn\-1_power_utm, Vpn\-1_power_utm_with_ngx N/A
2006-01-18 CVE-2006-0255 Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. Vpn\-1 N/A
2005-11-18 CVE-2005-3673 The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Check_point, Express, Firewall\-1, Vpn\-1, Vpn\-1_firewall\-1_next_generation N/A
2004-09-28 CVE-2004-0699 Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. Firewall\-1, Vpn\-1 N/A
2004-07-07 CVE-2004-0469 Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Firewall\-1, Next_generation, Ng\-Ai, Vpn\-1 N/A