CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2405
https://notcve.org/view.php?id=CVE-2002-2405
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html http://www.iss.net/security_center/static/10139.php http://www.securityfocus.com/bid/5744 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2002-0428
https://notcve.org/view.php?id=CVE-2002-0428
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. • http://online.securityfocus.com/archive/1/260662 http://www.iss.net/security_center/static/8423.php http://www.securityfocus.com/bid/4253 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1171
https://notcve.org/view.php?id=CVE-2001-1171
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. Chek Point Firewall-1 3.0b a 4.0 SP1 sigue enlaces simbólicos y crea un fichero temporal .cpp escribible por todos los usuarios cuando compila las reglas de seguridad, lo que permite a un usuario local obtener privilegios o modificar la política del web. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0046.html •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1431
https://notcve.org/view.php?id=CVE-2001-1431
Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. • http://www.kb.cert.org/vuls/id/258731 https://exchange.xforce.ibmcloud.com/vulnerabilities/8293 •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2001-0940
https://notcve.org/view.php?id=CVE-2001-0940
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. • http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html http://marc.info/?l=bugtraq&m=100094268017271&w=2 http://marc.info/?l=bugtraq&m=100698954308436&w=2 http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html http://www.osvdb.org/1951 http://www.securityfocus.com/bid/3336 https://exchange.xforce.ibmcloud.com/vulnerabilities/7145 •