CVSS: 9.8EPSS: 4%CPEs: 8EXPL: 0CVE-2011-1827
https://notcve.org/view.php?id=CVE-2011-1827
05 Oct 2011 — Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet. Múltiples vulnerabilidades sin especificar en Check Point SSL Network Extender (SNX), SecureWorkSpace y Endpoint Security On-Demand, como se distribuye en SecurePlatform, IPSO6, Connectra and VSX. Permite a a... • http://www.securityfocus.com/bid/47695 •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 4CVE-2009-1227 – Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow
https://notcve.org/view.php?id=CVE-2009-1227
02 Apr 2009 — NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP header to TCP port 18624. NOTE: the vendor has disputed this issue, stating "Check Point Security Alert Team has analyzed this report. We've tried to reproduce the attack on all VPN-1 versions from NG FP2 and above with and without HFA... • https://www.exploit-db.com/exploits/8313 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 8%CPEs: 6EXPL: 1CVE-2008-1397
https://notcve.org/view.php?id=CVE-2008-1397
20 Mar 2008 — Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. Check Point VPN-1 Power/UTM, con NGX R60 hasta R65 y el software NG AI R55, permite a usuarios remot... • http://puresecurity.com.au/index.php?action=fullnews&id=5 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2006-3885
https://notcve.org/view.php?id=CVE-2006-3885
27 Jul 2006 — Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elección mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264. • http://secunia.com/advisories/21200 •
CVSS: 7.8EPSS: 9%CPEs: 8EXPL: 0CVE-2005-3673
https://notcve.org/view.php?id=CVE-2005-3673
18 Nov 2005 — The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2004-2679
https://notcve.org/view.php?id=CVE-2004-2679
31 Dec 2004 — Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. • http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html •
CVSS: 9.8EPSS: 17%CPEs: 2EXPL: 0CVE-2004-0699
https://notcve.org/view.php?id=CVE-2004-0699
14 Sep 2004 — Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. Desbordamiento de búfer basado en el montón en la librería de decodificación ASN.1 de productos CheckPoint VPN-1, cuando se ha implementado IKE agresivo, permite a atacantes remotos ejecutar código de su elección iniciando una negociación IKE y e... • http://secunia.com/advisories/12177 •
CVSS: 10.0EPSS: 6%CPEs: 8EXPL: 0CVE-2004-0469
https://notcve.org/view.php?id=CVE-2004-0469
14 May 2004 — Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Desbordamiento de búfer en la funcionalidad ISAKMP de los productos Check Point VPN-1 y FireWall-1 NG, anteriores a VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 y NG FP3 HFA-325, o VPN-1 SecuRemote/SecureClient R56, puede permitir a... • http://www.checkpoint.com/techsupport/alerts/ike_vpn.html •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •