CVE-2002-1623
https://notcve.org/view.php?id=CVE-2002-1623
The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. • http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html http://marc.info/?l=bugtraq&m=103124812629621&w=2 http://marc.info/?l=bugtraq&m=103176164729351&w=2 http://www.checkpoint.com/techsupport/alerts/ike.html http://www.kb.cert.org/vuls/id/886601 http://www.nta-monitor.com/news/checkpoint.htm http://www.securiteam.com/securitynews/5TP040U8AW.html http://www.securityfocus.com/archive/1/290202 http://www.securityfocus.com/bid/5607 https://exchang •
CVE-2002-0428
https://notcve.org/view.php?id=CVE-2002-0428
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. • http://online.securityfocus.com/archive/1/260662 http://www.iss.net/security_center/static/8423.php http://www.securityfocus.com/bid/4253 •
CVE-2001-0940
https://notcve.org/view.php?id=CVE-2001-0940
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. • http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html http://marc.info/?l=bugtraq&m=100094268017271&w=2 http://marc.info/?l=bugtraq&m=100698954308436&w=2 http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html http://www.osvdb.org/1951 http://www.securityfocus.com/bid/3336 https://exchange.xforce.ibmcloud.com/vulnerabilities/7145 •
CVE-2001-1101
https://notcve.org/view.php?id=CVE-2001-1101
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. • http://www.securityfocus.com/archive/1/212826 http://www.securityfocus.com/bid/3303 https://exchange.xforce.ibmcloud.com/vulnerabilities/7095 •
CVE-2001-1102
https://notcve.org/view.php?id=CVE-2001-1102
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. • http://www.securityfocus.com/archive/1/212824 http://www.securityfocus.com/bid/3300 https://exchange.xforce.ibmcloud.com/vulnerabilities/7094 •