CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 1CVE-2002-0428
https://notcve.org/view.php?id=CVE-2002-0428
11 Jun 2002 — Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. • http://online.securityfocus.com/archive/1/260662 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1171
https://notcve.org/view.php?id=CVE-2001-1171
15 Mar 2002 — Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. Chek Point Firewall-1 3.0b a 4.0 SP1 sigue enlaces simbólicos y crea un fichero temporal .cpp escribible por todos los usuarios cuando compila las reglas de seguridad, lo que permite a un usuario local obtener privilegios o modificar la política del web. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1499
https://notcve.org/view.php?id=CVE-2001-1499
31 Dec 2001 — Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. • http://www.osvdb.org/20210 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1431
https://notcve.org/view.php?id=CVE-2001-1431
08 Oct 2001 — Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. • http://www.kb.cert.org/vuls/id/258731 •
CVSS: 9.8EPSS: 8%CPEs: 2EXPL: 0CVE-2001-0940
https://notcve.org/view.php?id=CVE-2001-0940
21 Sep 2001 — Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. • http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2001-1101
https://notcve.org/view.php?id=CVE-2001-1101
08 Sep 2001 — The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. • http://www.securityfocus.com/archive/1/212826 •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1102
https://notcve.org/view.php?id=CVE-2001-1102
08 Sep 2001 — Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. • http://www.securityfocus.com/archive/1/212824 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-1201
https://notcve.org/view.php?id=CVE-2000-1201
31 Aug 2001 — Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0682
https://notcve.org/view.php?id=CVE-2001-0682
29 Aug 2001 — ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. • http://marc.info/?l=ntbugtraq&m=97818917222992&w=2 • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 1CVE-2001-1303 – Check Point Firewall-1 4 Securemote - Network Information Leak
https://notcve.org/view.php?id=CVE-2001-1303
18 Jul 2001 — The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication. • https://www.exploit-db.com/exploits/21015 •