CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2008-5849
https://notcve.org/view.php?id=CVE-2008-5849
06 Jan 2009 — Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. Check Point VPN-1 R55, R65, y otras versiones, cuando la traducción de direcciones de puerto (PAT) es... • http://secunia.com/advisories/32728 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 8%CPEs: 6EXPL: 1CVE-2008-1397
https://notcve.org/view.php?id=CVE-2008-1397
20 Mar 2008 — Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. Check Point VPN-1 Power/UTM, con NGX R60 hasta R65 y el software NG AI R55, permite a usuarios remot... • http://puresecurity.com.au/index.php?action=fullnews&id=5 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 9%CPEs: 8EXPL: 0CVE-2005-3673
https://notcve.org/view.php?id=CVE-2005-3673
18 Nov 2005 — The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 10.0EPSS: 6%CPEs: 8EXPL: 0CVE-2004-0469
https://notcve.org/view.php?id=CVE-2004-0469
14 May 2004 — Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Desbordamiento de búfer en la funcionalidad ISAKMP de los productos Check Point VPN-1 y FireWall-1 NG, anteriores a VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 y NG FP3 HFA-325, o VPN-1 SecuRemote/SecureClient R56, puede permitir a... • http://www.checkpoint.com/techsupport/alerts/ike_vpn.html •
CVSS: 10.0EPSS: 25%CPEs: 12EXPL: 0CVE-2004-0040
https://notcve.org/view.php?id=CVE-2004-0040
03 Mar 2004 — Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. Desbordamiento de búfer basado en la pila en Checkpoint VPN-1 Server 4.1 a 4.1 SP6 y Checkpoint SecuRemote/SecureClient 4.1 a 4.1 compilación 4200 pemite a atacantes remotos ejecutar código arbitrario mediante un paquete ISAKMP con un paquete de Petición de... • http://marc.info/?l=bugtraq&m=107604682227031&w=2 •