Page 7 of 123 results (0.011 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2009 — Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php de Check Point Connectra NGX R62 HFA_01, permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de... • http://secunia.com/advisories/31553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1

06 Jan 2009 — Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. Check Point VPN-1 R55, R65, y otras versiones, cuando la traducción de direcciones de puerto (PAT) es... • http://secunia.com/advisories/32728 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 8%CPEs: 6EXPL: 1

20 Mar 2008 — Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. Check Point VPN-1 Power/UTM, con NGX R60 hasta R65 y el software NG AI R55, permite a usuarios remot... • http://puresecurity.com.au/index.php?action=fullnews&id=5 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

08 Mar 2008 — Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de entrada de usuarios de Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámentro useCheck Point VPN-1 UTM r (usuario). • https://www.exploit-db.com/exploits/31340 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

08 Feb 2008 — The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials. La característica Auto Local Logon en Check Point VPN-1 SecuRemote/SecureClient NGX R60 y R56 para las credenciales de caché de Windows bajo la clave de registro Checkpoint\SecuRemote, que tiene permisos Everyone/Ful... • http://digihax.com • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

21 Aug 2007 — vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations. vsdatant.sys versión 6.5.737.0 en Check Point Zone Labs ZoneAlarm versiones anteriores a 7.0.362, permite a usuarios locales alcanzar privilegios por medio de un Interrupt Request Packet (Irp) diseñado en una petición (1) I... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

29 Jun 2007 — Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. NOTE: the CSRF attack has no timing window because there is no logout capability in the management interface. Vulnerabilidad de falsificación de petición en... • http://osvdb.org/37645 •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

16 May 2007 — Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. Check Point Zonealarm Pro anterior a 6.5.737.000 no comprueba adecuadamente la equivalencia de identificadores de proceso para determinadas... • http://osvdb.org/37383 •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

16 May 2007 — Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. CheckPoint Web Intelligence no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://www.gamasec.net/english/gs07-01.html •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

24 Apr 2007 — The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. el manejo de IOCTL en srescan.sys en el ZoneAlarm Spyware Removal Engine (SRE) de Check Point ZoneAlarm anterior a 5.0.156.0 permite a usuarios locales ejecutar código de su elección a través de determinadas direcciones de parámetros lrp IOCTL. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517 •