CVSS: 10.0EPSS: 6%CPEs: 8EXPL: 0CVE-2004-0469
https://notcve.org/view.php?id=CVE-2004-0469
14 May 2004 — Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Desbordamiento de búfer en la funcionalidad ISAKMP de los productos Check Point VPN-1 y FireWall-1 NG, anteriores a VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 y NG FP3 HFA-325, o VPN-1 SecuRemote/SecureClient R56, puede permitir a... • http://www.checkpoint.com/techsupport/alerts/ike_vpn.html •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 25%CPEs: 12EXPL: 0CVE-2004-0040
https://notcve.org/view.php?id=CVE-2004-0040
03 Mar 2004 — Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. Desbordamiento de búfer basado en la pila en Checkpoint VPN-1 Server 4.1 a 4.1 SP6 y Checkpoint SecuRemote/SecureClient 4.1 a 4.1 compilación 4200 pemite a atacantes remotos ejecutar código arbitrario mediante un paquete ISAKMP con un paquete de Petición de... • http://marc.info/?l=bugtraq&m=107604682227031&w=2 •
CVSS: 7.5EPSS: 75%CPEs: 2EXPL: 2CVE-2002-1623
https://notcve.org/view.php?id=CVE-2002-1623
31 Dec 2002 — The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. • http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 1CVE-2002-0428
https://notcve.org/view.php?id=CVE-2002-0428
11 Jun 2002 — Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. • http://online.securityfocus.com/archive/1/260662 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1499
https://notcve.org/view.php?id=CVE-2001-1499
31 Dec 2001 — Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. • http://www.osvdb.org/20210 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1431
https://notcve.org/view.php?id=CVE-2001-1431
08 Oct 2001 — Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. • http://www.kb.cert.org/vuls/id/258731 •
CVSS: 8.8EPSS: 2%CPEs: 11EXPL: 0CVE-2001-1176
https://notcve.org/view.php?id=CVE-2001-1176
12 Jul 2001 — Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0209.html •