CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2011-1827
https://notcve.org/view.php?id=CVE-2011-1827
Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet. Múltiples vulnerabilidades sin especificar en Check Point SSL Network Extender (SNX), SecureWorkSpace y Endpoint Security On-Demand, como se distribuye en SecurePlatform, IPSO6, Connectra and VSX. Permite a atacantes remotos ejecutar código arbitrario a través de vectores que involucran un (1) control ActiveX o (2) applet de Java. • http://www.securityfocus.com/bid/47695 http://www.vupen.com/english/advisories/2011/1162 https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk62410 https://www.sec-consult.com/en/advisories.html#a68 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2008-1397
https://notcve.org/view.php?id=CVE-2008-1397
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. Check Point VPN-1 Power/UTM, con NGX R60 hasta R65 y el software NG AI R55, permite a usuarios remotos autenticados provocar una denegación de servicio (parada del túnel VPN sitio a sitio), y posiblemente interceptar tráfico de red, por la configuración de la dirección IP local RFC1918 al ser la misma que una de estas direcciones IP RFC1918 del punto final del túnel, y utilizando SecuRemote para conectar a una interfaz de red en el otro punto final. • http://puresecurity.com.au/index.php?action=fullnews&id=5 http://secunia.com/advisories/29394 http://www.kb.cert.org/vuls/id/992585 http://www.puresecurity.com.au/files/PureSecurity%20VPN-1%20DoS_Spoofing%20Attack%20against%20VPN%20tunnels.pdf http://www.securityfocus.com/bid/28299 http://www.securitytracker.com/id?1019666 http://www.vupen.com/english/advisories/2008/0953/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41260 https://supportcenter.checkpoint.com/supportcenter/portal • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 6%CPEs: 8EXPL: 0CVE-2005-3673
https://notcve.org/view.php?id=CVE-2005-3673
The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html http://secunia.com/advisories/17621 http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31316 http://securitytracker.com/id?1015235 http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp http://www.kb.cert.org/vuls/id/226364 http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en http://www.securityfocus.com/bid/15479 http://www.vupen.com/english/advisories/2005/2470 •
CVSS: 7.5EPSS: 88%CPEs: 2EXPL: 0CVE-2004-0699
https://notcve.org/view.php?id=CVE-2004-0699
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. Desbordamiento de búfer basado en el montón en la librería de decodificación ASN.1 de productos CheckPoint VPN-1, cuando se ha implementado IKE agresivo, permite a atacantes remotos ejecutar código de su elección iniciando una negociación IKE y enviando un paquete IKE con datos ASN.1 malformados. • http://secunia.com/advisories/12177 http://securitytracker.com/alerts/2004/Jul/1010799.html http://www.checkpoint.com/techsupport/alerts/asn1.html http://www.ciac.org/ciac/bulletins/o-190.shtml http://www.kb.cert.org/vuls/id/435358 http://www.osvdb.org/displayvuln.php?osvdb_id=8290 http://www.securityfocus.com/bid/10820 http://xforce.iss.net/xforce/alerts/id/178 https://exchange.xforce.ibmcloud.com/vulnerabilities/16824 •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0CVE-2004-0469
https://notcve.org/view.php?id=CVE-2004-0469
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. Desbordamiento de búfer en la funcionalidad ISAKMP de los productos Check Point VPN-1 y FireWall-1 NG, anteriores a VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 y NG FP3 HFA-325, o VPN-1 SecuRemote/SecureClient R56, puede permitir a atacantes remotos ejecutar código arbitrario mediane una negociación de tunel VPN. • http://www.checkpoint.com/techsupport/alerts/ike_vpn.html http://www.securityfocus.com/bid/10273 https://exchange.xforce.ibmcloud.com/vulnerabilities/16060 •